CORS WCF: Response to preflight request doesn't pass access control

问题

I have problem with WCF service access.

This is my WCF

[OperationContract]
    [WebInvoke(
        RequestFormat = WebMessageFormat.Json,
        ResponseFormat = WebMessageFormat.Json, Method = "POST",
        UriTemplate = "/GetAllRequest/")]    
    IEnumerable<USP_GET_DATA_Result> Get();

Then I following tutorial tutorial CORS

This is my service to get the data

function (app) {
    app.service('AngularService', ['$http', function ($http) {
        return {
            get: function () {
                return $http({
                    method: 'POST',
                    headers: {
                        'Content-Type': 'application/json; charset=utf-8'
                    },
                    url: 'http://localhost:51458/ServiceRequest.svc/GetAllRequest/',
                    data: {}
                });
            }
        };
    }]);

Then this is my controller

(function (app) {
    'use strict';

    app.controller('entryCtrl', entryCtrl);

    entryCtrl.$inject = ['$scope', '$http', 'AngularService'];

    function entryCtrl($scope, $http, AngularService) {
        $scope.pageClass = 'page-entry';

        //load data
        AngularService.get().success(function (response) {
            $scope.entryData = JSON.parse(response.d);
        });

    }

})(angular.module('entry'));

Then when I run I have the error like:

Edit: add my web.config

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
    <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
  </configSections>
  <!--add element connectionStrings-->
  <connectionStrings>
    <add name="ConnectionString" connectionString="Data Source=192.168.0.202; Initial Catalog=example.KRIS; UID=sa; Password=*****" providerName="System.Data.sqlClient" />
    <add name="Entities" connectionString="metadata=res://*/DBEntities.csdl|res://*/DBEntities.ssdl|res://*/DBEntities.msl;provider=System.Data.SqlClient;provider connection string=&quot;data source=192.168.0.202;initial catalog=example.KRIS;user id=sa;password=******;MultipleActiveResultSets=True;App=EntityFramework&quot;" providerName="System.Data.EntityClient" />
  </connectionStrings>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
  </appSettings>
  <system.web>
    <compilation debug="true" targetFramework="4.5.2" />
    <httpRuntime targetFramework="4.5.2" />
  </system.web>
  <system.serviceModel>
    <!--add element extensions and services-->
    <extensions>
      <behaviorExtensions>
        <add name="crossOriginResourceSharingBehavior" 
             type="WcfService.CORSEnablingBehavior, 
             WcfService, Version=1.0.0.0, Culture=neutral" />
      </behaviorExtensions>
    </extensions>
    <services>
      <service behaviorConfiguration="serviceBehavior" name="WcfService.ServiceRequest">
        <endpoint address="" behaviorConfiguration="web" binding="webHttpBinding" contract="WcfService.IServiceRequest" />
      </service>
    </services>
    <behaviors>
      <!--edit value-->
      <serviceBehaviors>
        <behavior name="serviceBehavior">
          <serviceMetadata httpGetEnabled="false" />
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
      <!--add element endpoint-->
      <endpointBehaviors>
        <behavior name="web">
          <webHttp />
          <crossOriginResourceSharingBehavior />
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <!--edit protocolmapping-->
    <protocolMapping>
      <add binding="webHttpBinding" scheme="http" />
    </protocolMapping>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <!--
        To browse web app root directory during debugging, set the value below to true.
        Set to false before deployment to avoid disclosing web app folder information.
      -->
    <directoryBrowse enabled="true" />
  </system.webServer>
  <entityFramework>
    <defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
      <parameters>
        <parameter value="mssqllocaldb" />
      </parameters>
    </defaultConnectionFactory>
    <providers>
      <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
    </providers>
  </entityFramework>
</configuration>

回答1:

Put following code in global.asax because you need to allow methods which can be called clients.

protected void Application_BeginRequest(object sender, EventArgs e)
{
   HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");

   if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
   {
      HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE");
      HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");
      HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
      HttpContext.Current.Response.End();
    }
}

来源：https://stackoverflow.com/questions/41115825/cors-wcf-response-to-preflight-request-doesnt-pass-access-control