Post IIS拦截飞行前MVC6
我正在尝试启用CORS,允许我的angular应用程序与新的MVC6 Web Api对话 “GET”有效,但“POST”无效,因为CORS飞行前先发送。IIS拦截此预飞行并作出响应 在WebApi2中,我能够使用以下web.config设置阻止IIS拦截预飞行Post IIS拦截飞行前MVC6,post,cors,options,asp.net-core-mvc,preflight,Post,Cors,Options,Asp.net Core Mvc,Preflight,我正在尝试启用CORS,允许我的angular应用程序与新的MVC6 Web Api对话 “GET”有效,但“POST”无效,因为CORS飞行前先发送。IIS拦截此预飞行并作出响应 在WebApi2中,我能够使用以下web.config设置阻止IIS拦截预飞行 <configuration> <system.webServer> <handlers> <remove name="ExtensionlessUrlHandler-In
<configuration>
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET, HEAD, POST, DEBUG, DELETE, PUT, PATCH, OPTIONS" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
</configuration>
我可以在新的MVC6 WebApi中完成这两项工作,但由于某些原因,我无法让IIS停止拦截“选项”飞行前
我在MVC中使用了这段代码,我相信如果我只能让IIS停止拦截“选项”请求,它就会起作用
有没有人处理过这个问题,或者有一个MVC6和CORS一起工作的例子
谢谢我建议一个工作正常的人:
app.Use(async (context, next) =>
{
context.Response.Headers.Add("Access-Control-Allow-Origin", "*");
context.Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
context.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Content-Type, x-xsrf-token" });
if (context.Request.Method == "OPTIONS")
{
context.Response.StatusCode = 200;
}
else
{
await next();
}
});
如果有人想下载并试一试,我已经在GitHub上创建了一个回购协议。您将需要Visual Studio 2015。复制
app.Use(async (httpContext, next) =>
{
httpContext.Response.OnSendingHeaders((state) =>
{
if (httpContext.Request.Path.Value.Contains("api/") && httpContext.Request.Method == "OPTIONS")
{
httpContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { httpContext.Request.Headers["Origin"] });
httpContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Origin, X-Requested-With, Content-Type, Accept" });
httpContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "GET, POST, PUT, DELETE, OPTIONS" });
httpContext.Response.Headers.Add("Access-Control-Allow-Credentials", new[] { "true" });
return;
}
}, null);
await next();
});
app.Use(async (context, next) =>
{
context.Response.Headers.Add("Access-Control-Allow-Origin", "*");
context.Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
context.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Content-Type, x-xsrf-token" });
if (context.Request.Method == "OPTIONS")
{
context.Response.StatusCode = 200;
}
else
{
await next();
}
});