C# 来自一个组件的CORS错误,但不来自其他组件
我有一个应用程序是.NET Core 3.1.3,带有React 16,当我在生产中调用API(Azure/Firebase)时,我从一个特定组件得到一个CORS错误 在大多数应用程序中,一切都能正常工作,所有axios调用的基本url都设置在一个文件中,所有post请求都通过rootHttp类的一个方法C# 来自一个组件的CORS错误,但不来自其他组件,c#,.net,reactjs,firebase,azure,C#,.net,Reactjs,Firebase,Azure,我有一个应用程序是.NET Core 3.1.3,带有React 16,当我在生产中调用API(Azure/Firebase)时,我从一个特定组件得到一个CORS错误 在大多数应用程序中,一切都能正常工作,所有axios调用的基本url都设置在一个文件中,所有post请求都通过rootHttp类的一个方法 addItem(model, data){ return axios.post( this.rootUrl + '/' + model, data, {
addItem(model, data){
return axios.post(
this.rootUrl + '/' + model, data, {headers: this.headers}
);
}
//Posts new item to API
除了来自employee组件的POST调用之外,所有API调用似乎都运行良好:
export function addEmployee(employee, callback){
employee = prepEmployeeValues(employee);
return dispatch =>{
http.addItem("employee", employee)
.then(addedEmployee =>{
dispatch(addEmployeeToState(addedEmployee.data));
callback();
});
}
}
//Posts new employee to API
这会触发以下两个错误:
Access to XMLHttpRequest at 'https://procmanagement.azurewebsites.net/api/3/employee'
from origin 'https://scheduleanddirection.firebaseapp.com'
has been blocked by CORS policy: No 'Access-Control-Allow-Origin'
header is present on the requested resource.
及
请求头与来自任何其他组件的成功POST调用相同。值得注意的是,GET-from-Employee组件返回一个空数组,并且应该首先返回一个包含1个Employee对象(所有者)的数组,该对象是在注册帐户时添加的(在dev服务器中工作)
后端应在此处为员工提供职位:
[HttpPost]
public async Task<IActionResult> AddEmployee(int userId, EmployeeForCreationDto employeeForCreation)
{
EmployeeIdIncrement employeeIdIncrement = await _repo.GetEmployeeIdForIncrement(userId);
employeeIdIncrement.employeeId = employeeIdIncrement.employeeId + 1;
var creator = await _userRepo.GetUser(userId);
if (creator.Id != int.Parse(User.FindFirst(ClaimTypes.NameIdentifier).Value))
return Unauthorized();
var employee = _mapper.Map<Employee>(employeeForCreation);
employee.User = creator;
employee.EmployeeId = employeeIdIncrement.employeeId;
_repo.Add(employee);
if (await _repo.SaveAll())
{
var employeeToReturn = _mapper.Map<EmployeeForReturnDto>(employee);
return CreatedAtRoute("GetEmployee", new {employeeId = employee.EmployeeId, userId = userId }, employeeToReturn);
}
throw new Exception("Creation of Employee failed on save");
}
收到:
[HttpPost]
public async Task<IActionResult> AddDepartment(int userId, DepartmentForCreationDto departmentForCreation)
{
var creator = await _userRepo.GetUser(userId);
if (creator.Id != int.Parse(User.FindFirst(ClaimTypes.NameIdentifier).Value))
return Unauthorized();
var department = _mapper.Map<Department>(departmentForCreation);
department.User = creator;
_repo.Add(department);
if (await _repo.SaveAll())
{
var jobToReturn = _mapper.Map<DepartmentForCreationDto>(department);
return CreatedAtRoute("GetDepartment", new {deptName = department.DeptName, userId = userId }, jobToReturn);
}
throw new Exception("Creation of Department failed on save");
}
所以经过深思熟虑,我发现事实上并不是CORS问题让我犯了那个错误 我与Postman检查了API,发现出现了一个内部服务器错误,然后将我的Dev server API连接到生产数据库,在那里我发现问题在于MS SQL server与SQLite相比的工作方式 Dev服务器使用SQLite。MS SQL Server在使用SQLite时遇到了两个问题:
并非所有请求都需要COR,有些(比如GET)是“简单的”。请参见,例如,来自其他组件的PUT虽然成功,但请求头中的源url相同,传递的令牌也相同。请给出两个行为不同的最相似的请求,然后显示服务器的CORS配置。这将很难重现,由于它仅发生在生产中,但是如果您查看上面的内容,您将看到addEmployee函数,这是一个使用其上面的addItem helper方法的操作,由addEmployee控制器方法接收,但由于显示的错误而失败。使用相同addItem helper方法的addDepartment函数成功,并由addDepartment控制器方法接收。我在底部添加了CORS政策
export function addDepartment(department, callback){
department = prepDepartmentValues(department);
return dispatch =>{
http.addItem("department", department)
.then(addedDepartment =>{
dispatch(addDepartmentToState(addedDepartment.data));
callback();
});
}
}
//Posts new department to API
[HttpPost]
public async Task<IActionResult> AddDepartment(int userId, DepartmentForCreationDto departmentForCreation)
{
var creator = await _userRepo.GetUser(userId);
if (creator.Id != int.Parse(User.FindFirst(ClaimTypes.NameIdentifier).Value))
return Unauthorized();
var department = _mapper.Map<Department>(departmentForCreation);
department.User = creator;
_repo.Add(department);
if (await _repo.SaveAll())
{
var jobToReturn = _mapper.Map<DepartmentForCreationDto>(department);
return CreatedAtRoute("GetDepartment", new {deptName = department.DeptName, userId = userId }, jobToReturn);
}
throw new Exception("Creation of Department failed on save");
}
services.AddCors(options =>
{
options.AddPolicy("ProdCors",
builder =>
{
builder.WithOrigins("https://scheduleanddirection.firebaseapp.com", "https://scheduleanddirection.web.app")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
}
);
});