问题
I am attempting to get CORS set up in an asp.net web api. My WebApiConfig.cs is:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Http;
using System.Web.Http.Controllers;
using System.Web.Http.Cors;
using System.Web.Http.Routing;
namespace WebApplication2
{
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
config.MapHttpAttributeRoutes();
var cors = new EnableCorsAttribute("http://localhost", "*", "*");
config.EnableCors(cors);
config.Routes.MapHttpRoute(
name: "bootstrap",
routeTemplate: "abp/{controller}"
);
}
}
}
I also have appended headers in my Controller, which is:
namespace WebApplication2.Controllers
{
public class BootStrapController : ApiController
{
public void Options(string locale, string deviceType)
{
string origin = HttpContext.Current.Request.Headers.Get("Origin") ?? "";
HttpContext.Current.Response.AppendHeader("Access-Control-Allow-Origin", origin);
HttpContext.Current.Response.AppendHeader("Access-Control-Allow-Methods", HttpContext.Current.Request.Headers["Access-Control-Request-Methods"]);
HttpContext.Current.Response.AppendHeader("Access-Control-Allow-Headers", HttpContext.Current.Request.Headers["Access-Control-Request-Headers"]);
HttpContext.Current.Response.End();
}
public object Get(string locale, string deviceType)
{
string origin = HttpContext.Current.Request.Headers.Get("Origin") ?? "";
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", origin);
Yet, I do not have any access-control or any appended headers in the server response. If you need any more information let me know.
回答1:
Please visit http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api. you will get a complete guide to implement CORS in WebAPI.
UPDATE: To implement CORS in WEBAPI please follows these steps:
Add the CORS NuGet package in your solution. In Visual Studio, from the Tools menu, select Library Package Manager, then select Package Manager Console. In the Package Manager Console window, type the following command:
Install-Package Microsoft.AspNet.WebApi.CorsOpen the file App_Start/WebApiConfig.cs. Add the following code to the WebApiConfig.Register method.
public static class WebApiConfig { public static void Register(HttpConfiguration config) { // New code config.EnableCors(); } }Next, add the [EnableCors] attribute to the BootStrapController class:
[EnableCors(origins: "*", headers: "*", methods: "*")] public class BootStrapController : ApiController { // Controller methods }origins,headers and methods may vary according to your need.
回答2:
The previous answer is correct, but if you want to enable CORS in all the controllers, you can do that a really easy way: in the WebApiConfig class, inside of the Register method, add the next two lines:
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
// These next two lines enables CORS for all controllers
var cors = new EnableCorsAttribute("*", "*", "*");
config.EnableCors(cors);
}
}
来源:https://stackoverflow.com/questions/37685446/cors-and-asp-net-web-api