Core 2.1 refuses to respond with Access-Control-Expose-Headers: *

前端 未结 1 1919
半阙折子戏
半阙折子戏 2020-12-16 17:42

I must be doing something wrong here but I can\'t figure it out; it seems to be a CORS issue from what I can tell. I need to expose Access-Control-Expose-Headers: *

相关标签:
1条回答
  • 2020-12-16 18:20

    The CorsPolicyBuilder's AllowAnyHeader method configures the Access-Control-Allow-Headers response header, which is used only for preflighted requests. The Access-Control-Expose-Headers response header is what's needed, which is configured using WithExposedHeaders.

    Here's a complete example:

    services.AddCors(options =>
    {
        options.AddPolicy("AllowAll", builder =>
        {
            builder.AllowAnyHeader()
                   .AllowAnyMethod()
                   .AllowAnyOrigin()
                   .AllowCredentials()
                   .WithExposedHeaders("Location"); // params string[]
        });
    });
    
    0 讨论(0)
提交回复
热议问题