C# SEC7123:访问控制允许标头列表中不存在请求标头键
我试图从一个角度HTTP拦截器向我的Web API传递一个自定义头。 我已经在web.config的允许标题列表中添加了标题,如下所示C# SEC7123:访问控制允许标头列表中不存在请求标头键,c#,angular,asp.net-web-api,cors,microsoft-edge,C#,Angular,Asp.net Web Api,Cors,Microsoft Edge,我试图从一个角度HTTP拦截器向我的Web API传递一个自定义头。 我已经在web.config的允许标题列表中添加了标题,如下所示 <add name="Access-Control-Allow-Origin" value="*" /> <add name="Access-Control-Allow-Headers" value="Key,Content-Type" /> <add name="Access-Control-Allow-Methods" v
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="Key,Content-Type" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
是否还有其他设置丢失?我可以通过在Global.asax文件中的BeginRequest方法中添加以下代码来解决此问题
protected void Application_BeginRequest (Object sender, EventArgs e)
{
if (Request.Headers.AllKeys.Contains ("Origin") && Request.HttpMethod == "OPTIONS")
{
Context.Response.AddHeader ("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Key, Accept,Authorization,serverName");
Context.Response.AddHeader ("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
Context.Response.End ();
}
}
类似的问题可能会有所帮助:
protected void Application_BeginRequest (Object sender, EventArgs e)
{
if (Request.Headers.AllKeys.Contains ("Origin") && Request.HttpMethod == "OPTIONS")
{
Context.Response.AddHeader ("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Key, Accept,Authorization,serverName");
Context.Response.AddHeader ("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
Context.Response.End ();
}
}