C# .net core 2.1 CORS api
我有一个api来处理post ajax请求。当我调用它时,我得到了臭名昭著的Cors错误消息: CORS策略已阻止从源“”访问“”处的XMLHttpRequest:请求的资源上不存在“访问控制允许源”标头 没问题。我以前做过,他们有很多资源(例如)描述如何向初创公司添加cors策略。问题是我似乎无法让它工作 这是我的Sartup.cs:C# .net core 2.1 CORS api,c#,ajax,.net-core,C#,Ajax,.net Core,我有一个api来处理post ajax请求。当我调用它时,我得到了臭名昭著的Cors错误消息: CORS策略已阻止从源“”访问“”处的XMLHttpRequest:请求的资源上不存在“访问控制允许源”标头 没问题。我以前做过,他们有很多资源(例如)描述如何向初创公司添加cors策略。问题是我似乎无法让它工作 这是我的Sartup.cs: public class Startup { public Startup(IConfiguration configuration) {
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
readonly string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins,
builder =>
{
builder.WithOrigins("*").AllowAnyMethod().AllowAnyHeader().AllowAnyOrigin();
});
});
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddIdentity<ApplicationUser, IdentityRole>(options =>
{
// User settings
options.User.RequireUniqueEmail = true;
options.SignIn.RequireConfirmedEmail = true;
// Password settings
options.Password.RequireDigit = true;
options.Password.RequiredLength = 8;
options.Password.RequiredUniqueChars = 1;
options.Password.RequireLowercase = false;
options.Password.RequireNonAlphanumeric = true;
options.Password.RequireUppercase = false;
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
// Add application services.
services.AddTransient<IEmailSender, EmailSender>();
services.AddAntiforgery(o => o.SuppressXFrameOptionsHeader = true);
services.AddMvc(options =>
{
options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
RoleManager<IdentityRole> roleManager, IServiceProvider serviceProvider)
{
app.UseCors(MyAllowSpecificOrigins);
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
app.UseDatabaseErrorPage();
app.UseCors(MyAllowSpecificOrigins);
}
else
{
app.UseExceptionHandler("/Home/Error");
app.UseCors(MyAllowSpecificOrigins);
}
app.UseStaticFiles();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
//UserDbContextSeed.Seed(serviceProvider).Wait();
}//Configure
}
[Route("[action]")]
[HttpPost]
[IgnoreAntiforgeryToken]
public IActionResult Post_Data(model v){......}
$.ajax({
type: 'POST',
url: 'Myserver/api/v23/Post_Data',
dataType: 'json',
contentType: "application/json", //
data: JSON.stringify(Param),
success: function (result) {
console.log(results);
},
error: function (request, status, error) {
console.log(error);
}
});
有什么建议吗?尝试将AddCors的语法更改为:
services.AddCors(o => o.AddPolicy(AllowSpecificOrigins, builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
}));
尝试将AddCors的语法更改为:
services.AddCors(o => o.AddPolicy(AllowSpecificOrigins, builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
}));
对于那些想知道改变了什么的人,Sergey让我移除。WithOriginations(“*”)。就像一个符咒。对于那些想知道改变了什么的人,Sergey让我移除。WithOriginations(“*”)。就像一个符咒。