C# 404用于web.api cors选项
我遵循了在web.api中启用cors的常规步骤,但是在Chrome和Firefox中,我得到了对选项请求的404响应,我得到了C# 404用于web.api cors选项,c#,asp.net,http,asp.net-web-api,cors,C#,Asp.net,Http,Asp.net Web Api,Cors,我遵循了在web.api中启用cors的常规步骤,但是在Chrome和Firefox中,我得到了对选项请求的404响应,我得到了跨源请求阻止:同一源策略不允许在https://api.mydomain.com/api/1/widgets. 这可以通过将资源移动到同一域或启用CORS来解决。 在我的WebApiConfig.cs中,我有: var enableCorsAttribute = new EnableCorsAttribute("*", "*", "*"); config.EnableC
跨源请求阻止:同一源策略不允许在https://api.mydomain.com/api/1/widgets. 这可以通过将资源移动到同一域或启用CORS来解决。
在我的WebApiConfig.cs中,我有:
var enableCorsAttribute = new EnableCorsAttribute("*", "*", "*");
config.EnableCors(enableCorsAttribute);
我还尝试将EnableCors
属性添加到特定的控制器或操作中,所有这些都有相同的结果
我还在我的web.config中添加了以下内容:
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
...
但在Chrome中的响应是404,在Firefox中的响应是“跨源请求被阻止”
以下是我的chrome开发者工具栏中失败请求的详细信息:
Remote Address:??.???.???.???:443
Request URL:https://api.mydomain.com/api/1/widgets
Request Method:OPTIONS
Status Code:404 Not Found
请求
OPTIONS /api/1/widgets HTTP/1.1
Host: api.mydomain.com
Connection: keep-alive
Access-Control-Request-Method: GET
Origin: http://myotherdomain.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36
Access-Control-Request-Headers: accept, authorization
Accept: */*
Referer: http://myotherdomain.com/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-GB,en;q=0.8,en-US;q=0.6
回应
HTTP/1.1 404 Not Found
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: http://myotherdomain.com
Access-Control-Allow-Credentials: true
X-AspNetMvc-Version: 5.0
X-UA-Compatible: IE=edge,chrome=1
X-Frame-Options: SAMEORIGIN
Cache-conrol: no-store
Date: Thu, 28 Aug 2014 16:00:28 GMT
Content-Length: 341
我遗漏了什么?如果其他人也有同样的问题,这个问题是因为我们在IIS中使用了微软的优秀软件 UrlScan有一个节和一个节。确保允许使用选项谓词
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
var corsAttr = new EnableCorsAttribute("http://localhost:3000", "*", "*");
config.EnableCors(corsAttr);
config.Routes.MapHttpRoute("DefaultApiWithId", "Api/{controller}/{id}", new { id = RouteParameter.Optional }, new { id = new GuidConstraint() });
config.Routes.MapHttpRoute("DefaultApiWithAction", "Api/{controller}/{action}");
config.Routes.MapHttpRoute("DefaultApiGet", "Api/{controller}", new { action = "Get" }, new { httpMethod = new HttpMethodConstraint(HttpMethod.Get) });
config.Routes.MapHttpRoute("DefaultApiPost", "Api/{controller}", new { action = "Post" }, new { httpMethod = new HttpMethodConstraint(HttpMethod.Post) });
config.Routes.MapHttpRoute("DefaultApiOptions", "Api/{controller}", new { action = "Options" }, new { httpMethod = new HttpMethodConstraint(HttpMethod.Options) });
}
}
最后一行可以解决.Net WebApi的问题谢谢您的提示!在我的例子中,我使用
MapHttpRoute
配置了我的路由,由于System.Web.Http.Routing.HttpMethodConstraint
+5这花了我整整一天的时间,终于赶上了它!。我在这里回答了这个问题:,IIS是阻止选项动词。
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
var corsAttr = new EnableCorsAttribute("http://localhost:3000", "*", "*");
config.EnableCors(corsAttr);
config.Routes.MapHttpRoute("DefaultApiWithId", "Api/{controller}/{id}", new { id = RouteParameter.Optional }, new { id = new GuidConstraint() });
config.Routes.MapHttpRoute("DefaultApiWithAction", "Api/{controller}/{action}");
config.Routes.MapHttpRoute("DefaultApiGet", "Api/{controller}", new { action = "Get" }, new { httpMethod = new HttpMethodConstraint(HttpMethod.Get) });
config.Routes.MapHttpRoute("DefaultApiPost", "Api/{controller}", new { action = "Post" }, new { httpMethod = new HttpMethodConstraint(HttpMethod.Post) });
config.Routes.MapHttpRoute("DefaultApiOptions", "Api/{controller}", new { action = "Options" }, new { httpMethod = new HttpMethodConstraint(HttpMethod.Options) });
}
}