CORS Policy has been blocked my subdomain

前端未结

关注

 2  1084

你的背包 2021-01-28 09:13

I have a same domain, one of them is domain without prefix www. For example,

https://www.example.com
https://example.com

First domain works

2条回答

长情又很酷 (楼主)

2021-01-28 09:43

You can't use AllowAnyOrigin with AllowCredentials. Below is an example that allows wildcard domains with CORS.

This code goes in ConfigureServices:

services.AddCors(options =>
        {
            options.AddPolicy("_AllowOrigin",
                builder => builder
                    .SetIsOriginAllowedToAllowWildcardSubdomains()
                    .WithOrigins("https://localhost:44385", "https://*.azurewebsites.net", "http://*.azurewebsites.net")
                    .AllowAnyHeader()
                    .AllowAnyMethod()
                    .AllowCredentials()
                );
        });

Don't forget to decorate your action in your controller:

    [EnableCors("_AllowOrigin")]

0 讨论(0)

查看其它2个回答