C# 获取页面是通过HTTPS加载的,但请求了一个不安全的XMLHttpRequest端点';。著名的/openid配置';
因此,我有一个ASP.Net Core托管的Blazor Web Assembly项目,使用Identity Server 4管理我的登录和注册,当我调试并尝试登录我的应用程序时,端点”。众所周知的/openid配置“是通过HTTPS提供的,但当我在Docker中运行它的发布版本时,它是通过HTTP提供的,导致我的登录页面无法工作。如何通过HTTPS提供服务 完整错误是:AuthenticationService.js:1混合内容:位于的页面https://musicfusion.app/'已通过HTTPS加载,但请求了不安全的XMLHttpRequest终结点'http://musicfusion.app/.well-known/openid-configuration'. 此请求已被阻止;内容必须通过HTTPS提供 编辑:My Startup.csC# 获取页面是通过HTTPS加载的,但请求了一个不安全的XMLHttpRequest端点';。著名的/openid配置';,c#,docker,asp.net-core,identityserver4,blazor-webassembly,C#,Docker,Asp.net Core,Identityserver4,Blazor Webassembly,因此,我有一个ASP.Net Core托管的Blazor Web Assembly项目,使用Identity Server 4管理我的登录和注册,当我调试并尝试登录我的应用程序时,端点”。众所周知的/openid配置“是通过HTTPS提供的,但当我在Docker中运行它的发布版本时,它是通过HTTP提供的,导致我的登录页面无法工作。如何通过HTTPS提供服务 完整错误是:AuthenticationService.js:1混合内容:位于的页面https://musicfusion.app/'已通
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Components.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.UI;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.ResponseCompression;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using System.Linq;
using Soundbox.Server.Data;
using Soundbox.Shared;
using System;
using Blazored.Toast;
using test.Server.Hubs;
using Microsoft.AspNetCore.Identity.UI.Services;
using test.Server.Services;
using Microsoft.AspNetCore.HttpOverrides;
namespace test.Server
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlite("Data Source=/data/test.db"));
services.AddBlazoredToast();
services.Configure<APIKeys>(this.Configuration.GetSection("APIKeys"));
services.Configure<AuthMessageSenderOptions>(this.Configuration.GetSection("Emails"));
services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders =
ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
});
services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddAuthentication()
.AddIdentityServerJwt();
//services.AddCors(options =>
//{
// options.AddPolicy("AllowSpecificOrigin",
// builder =>
// {
// builder
// .AllowAnyOrigin()
// .AllowAnyMethod()
// .AllowAnyHeader();
// });
//});
services.AddControllersWithViews();
// requires
// using Microsoft.AspNetCore.Identity.UI.Services;
// using WebPWrecover.Services;
services.AddTransient<IEmailSender, EmailSender>();
services.AddRazorPages();
services.AddSignalR();
services.AddResponseCompression(opts =>
{
opts.MimeTypes = ResponseCompressionDefaults.MimeTypes.Concat(
new[] { "application/octet-stream" });
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseResponseCompression();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseWebAssemblyDebugging();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseBlazorFrameworkFiles();
app.UseStaticFiles();
//app.UseCors("AllowSpecificOrigin");
app.UseRouting();
app.UseIdentityServer();
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
endpoints.MapControllers();
endpoints.MapHub<PlaylistHub>("/playlisthub");
endpoints.MapFallbackToFile("index.html");
});
UpdateDatabase(app);
}
private static void UpdateDatabase(IApplicationBuilder app)
{
using (var serviceScope = app.ApplicationServices
.GetRequiredService<IServiceScopeFactory>()
.CreateScope())
{
using (var context = serviceScope.ServiceProvider.GetService<ApplicationDbContext>())
{
context.Database.Migrate();
}
}
}
}
}
使用Microsoft.AspNetCore.Authentication;
使用Microsoft.AspNetCore.Builder;
使用Microsoft.AspNetCore.Components.Authorization;
使用Microsoft.AspNetCore.Identity;
使用Microsoft.AspNetCore.Identity.UI;
使用Microsoft.AspNetCore.HttpsPolicy;
使用Microsoft.AspNetCore.Hosting;
使用Microsoft.AspNetCore.ResponseCompression;
使用Microsoft.EntityFrameworkCore;
使用Microsoft.Extensions.Configuration;
使用Microsoft.Extensions.DependencyInjection;
使用Microsoft.Extensions.Hosting;
使用System.Linq;
使用Soundbox.Server.Data;
使用Soundbox.Shared;
使用制度;
使用Blazored.吐司;
使用test.Server.Hubs;
使用Microsoft.AspNetCore.Identity.UI.Services;
使用test.Server.Services;
使用Microsoft.AspNetCore.HttpOverrides;
命名空间测试服务器
{
公营创业
{
公共启动(IConfiguration配置)
{
配置=配置;
}
公共IConfiguration配置{get;}
//此方法由运行时调用。请使用此方法将服务添加到容器中。
//有关如何配置应用程序的更多信息,请访问https://go.microsoft.com/fwlink/?LinkID=398940
public void配置服务(IServiceCollection服务)
{
services.AddDbContext(选项=>
options.UseSqlite(“datasource=/Data/test.db”);
services.AddBlazoredToast();
services.Configure(this.Configuration.GetSection(“apikees”);
services.Configure(this.Configuration.GetSection(“电子邮件”);
配置(选项=>
{
options.ForwardedHeaders=
ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
});
services.AddDefaultIdentity(options=>options.SignIn.RequireConfirmedAccount=true)
.AddEntityFrameworkStores();
services.AddIdentityServer()
.addapi授权();
services.AddAuthentication()
.AddIdentityServerJwt();
//services.AddCors(选项=>
//{
//options.AddPolicy(“AllowSpecificCorigin”,
//生成器=>
// {
//建筑商
//.AllowAnyOrigin()
//.AllowAnyMethod()
//.AllowAnyHeader();
// });
//});
services.AddControllersWithViews();
//需要
//使用Microsoft.AspNetCore.Identity.UI.Services;
//使用WebPWrecover.Services;
services.AddTransient();
services.AddRazorPages();
services.AddSignalR();
services.AddResponseCompression(选项=>
{
opts.MimeTypes=ResponseCompressionDefaults.MimeTypes.Concat(
新[]{“应用程序/八位字节流”});
});
}
//此方法由运行时调用。请使用此方法配置HTTP请求管道。
public void配置(IApplicationBuilder应用程序、IWebHostEnvironment环境)
{
app.UseResponseCompression();
if(env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseWebAssemblyDebugging();
}
其他的
{
app.UseExceptionHandler(“/Error”);
//默认的HSTS值为30天。您可能希望在生产场景中更改此值,请参阅https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseBlazorFrameworkFiles();
app.UseStaticFiles();
//应用程序UseCors(“AllowSpecificCorigin”);
app.UseRouting();
app.UseIdentityServer();
app.UseForwardedHeaders(新ForwardedHeaders选项
{
ForwardedHeaders=ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(端点=>
{
endpoints.MapRazorPages();
endpoints.MapControllers();
endpoints.MapHub(“/playliHub”);
MapFallbackToFile(“index.html”);
});
更新数据库(app);
}
私有静态void UpdateDatabase(IApplicationBuilder应用程序)
{
使用(var serviceScope=app.ApplicationServices)
.GetRequiredService()
.CreateScope())
{
使用(var context=serviceScope.ServiceProvider.GetService())
{
Migrate();
}
}
}
}
}
在服务器项目的startup.cs
中添加以下行似乎已经解决了这个问题:
app.Use((ctx, next) => { ctx.SetIdentityServerOrigin("https://www.my-domain-name-here.co.uk"); return next(); });
我也在为此挣扎。终于想出了一个解决办法。在Startup.ConfigureServices中,添加IdentityServer选项,如下所示:
services.AddIdentityServer(options =>
{
options.PublicOrigin = Configuration["PublicOrigin"];
})
然后将公共HTTPS源代码放在appsettings.json中(例如,
“PublicOrigin”:https://example.com“
)。解决方案是让Cloudflare强制所有流量使用HTTPS
编辑:要正确操作,请按照本教程进行操作
app.Use(async (ctx, next) =>
{
ctx.Request.Scheme = "https";
await next();
});