问题
I am doing a cors request from my
client: http://mypcname.companyname
to the servicestack
server: http://mypcname.companyname:83/customersInformation
Thats the request with javascript superagent library:
superagent.get(requestUrl)
.set('Authorization', "basictoken " + getToken())
.set('Accept', 'application/json')
.end(function (response) {
});
This get request works totally fine with the Web API! So the problem can not be the client side in my opinion.
Thats my service stack setup:
Plugins.Add(new CorsFeature(allowedOrigins: Settings.Default.SmartAllowedCorsOrigin, allowCredentials: true, allowedHeaders: "Content-Type, Authorization"));
RequestFilters.Add((httpReq, httpRes, requestDto) =>
{
if (httpReq.HttpMethod == "OPTIONS")
{
httpRes.End();
}
});
That is how I have setup the class with the customersInformation data:
[Route(RouteTemplate,"GET, OPTIONS",...)]
Since I use the options request filter from above the option 404 error is gone but now I have something even worse...:
OPTIONS http://mypcname.companyname:83/customersInformation Origin http://mypcname.companyname is not allowed by Access-Control-Allow-Origin.
What do I have to do on server side to make the cors finally working?
UPDATE
As Answer to mythz question getting the respone header data:
This is the raw data I get as response from the server using the default values on cors plugin: (fiddler raw tab)
HTTP/1.1 200 OK
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 29 Oct 2013 10:04:48 GMT
Content-Length: 0
error in google chrome:
OPTIONS http://mypcname.companyname:83/customersInformation Origin http://mypcname.companyname is not allowed by Access-Control-Allow-Origin.
The Get method which should be called after the options (thats at least my expectation) is never hit probably due to the cors origion error and because not even the OPTIONS is allowed which happens before.
UPDATE 2
Request to the server:
OPTIONS http://mypcname.companyname:83/customersInformation HTTP/1.1
Host: mypcname.companyname:83
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Access-Control-Request-Method: GET
Origin: http://mypcname.companyname
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Access-Control-Request-Headers: accept, authorization, x-requested-with
Accept: */*
Referer: http://mypcname.companyname/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
来源:https://stackoverflow.com/questions/19652547/servicestack-options-404-and-cors-origin