问题
I am building a bunch of Web Services using C# and the Web API. The services will be accessible from multiple web apps, and multiple native apps. The application manages a list of authorized domains, and a list of authorized app ID's (to be used with native apps).
I am looking for a way to detect the domain a web app is being hosted on, so that I can compare that domain name against my list of authorized domains. So far, the only properties I can find in the request context are properties which define what domain the client/web app is calling, which is not what I want.
For example: If an app is hosted on externalapp.com, and is making a request to my api on api.myawesomeapi.com, I want to know that the client is hosted on externalapp.com. But when reviewing the request data, the only information I am find is stuff saying that the client is requesting a resource on "api.myawesomeapi.com".
I expect requests coming from a native app (android, iOS, etc) to not have a client domain, and requests coming from a web app to have a client domain. (client domain, host domain, whatever it should be called).
I have looked at other posts on stackoverflow, and found recommendations to use: Request.Headers.Referrer. In my case, all the web apps are null and the native app is also null. This doesn't appear to be an option for me.
回答1:
You can use:
var referrer = Request.Headers.Referrer;
if (referrer!=null)
{
string client = referrer.GetLeftPart(UriPartial.Authority);
}
来源:https://stackoverflow.com/questions/37197081/web-api-detecting-client-domain