asp.net webapi 跨域问题解决 No 'Access-Control-Allow-Origin' header i

老子叫甜甜 提交于 2020-02-03 01:10:12

一、基础解决方案(基础配置)

通过Ajax调用web api路径时报错:

No 'Access-Control-Allow-Origin' header is present on the requested resource.

C#自带的web api并不能支持跨域访问,如果需要,可以更改配置来实现。

1、更改Web.config文件,加上如下代码

<httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*"/>
        <add name="Access-Control-Allow-Headers" value="Content-Type,Token" />
        <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
      </customHeaders>
</httpProtocol>

2、然后需要配置Global.asax文件

插入如下代码:

       /// <summary>
        /// 配置Ajax跨域访问
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        protected void Application_BeginRequest(object sender, EventArgs e)
        {
            if (Request.HttpMethod.ToUpper() == "OPTIONS")
            {
                Response.StatusCode = 200;
                Response.End();
            }
        }

配置这两个文件之后,web api就可以跨域访问了。

二、跨域产生异常的解决方案

1、webapi处理OPTIONS请求 报错1信息

Access to XMLHttpRequest at 'https://localhost:4445/api/v/getmsg' from origin 'https://localhost:9528' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

解决方案:把value值改成特定的域名

<system.webserver>   
  <httpprotocol>
    <customheaders>
      "Access-Control-Allow-Origin" value="https://localhost:8083" />
  </customheaders>
</httpprotocol>    
</system.webserver>

2、Access to XMLHttpRequest at 'https://localhost:4445/api/v/getmsg' from origin 'https://localhost:9528' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

配置行继续添加

<"Access-Control-Allow-Credentials" value="true" />

3、It does not have HTTP ok status Ajax请求一般会做options状态监测,需要返回200

Access to XMLHttpRequest at 'https://localhost:4445/api/v/getmsg' from origin 'https://localhost:9528' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

        Global.asax 中添加
        /// <summary>
        /// 配置Ajax跨域访问
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        protected void Application_BeginRequest(object sender, EventArgs e)
        {
            if (Request.HttpMethod.ToUpper() == "OPTIONS")
            {
                Response.StatusCode = 200;
                Response.End();
            }
       }

 

 

 

 

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!