0
点赞
收藏
分享

微信扫一扫

NET6 WebAPI解决跨域问题

安七月读书 2022-03-12 阅读 64

解决跨域问题

  • 环境:NET 6
  • 项目:WebAPI+Vue
// 设置允许所有来源跨域
app.UseCors(options =>
{
       options.AllowAnyHeader();
       options.AllowAnyMethod();
       options.AllowAnyOrigin();
       options.AllowCredentials();
});

// 设置只允许特定来源可以跨域
app.UseCors(options =>
{
        options.WithOrigins("http://localhost:3000", "http://127.0.0.1"); // 允许特定ip跨域
        options.AllowAnyHeader();
        options.AllowAnyMethod();
        options.AllowCredentials();
});

问题还原

Access to XMLHttpRequest at ‘(请求路径)’ from origin
‘http://localhost:8080’ has been blocked by CORS policy:
No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

浏览器和服务器实现跨域(CORS)判定的原理

解决方式
添加受信赖的域

var MyAllowSpecificOrigins = "_myAllowSpecificOrigins";

app.UseCors(MyAllowSpecificOrigins);//启用跨域问题

//Program.cs

builder.Services.AddCors(options =>
{
    options.AddPolicy(name: MyAllowSpecificOrigins,
                      builder =>
                      {
                         //添加收信赖的地址
                          builder.WithOrigins("http://localhost/8080", "http://localhost/8081")
                          .AllowAnyHeader()
                          .AllowAnyMethod()
                          .AllowCredentials();
                      });
}); 

或者在配置文件中配置

//Program.cs
builder.Services.AddCors(options =>
{
    options.AddPolicy(MyAllowSpecificOrigins, builder =>
    {
        builder
            .WithOrigins(
                configuration["App:CorsOrigins"]
                    .Split(",", StringSplitOptions.RemoveEmptyEntries)
                    .ToArray()
            )
            .SetIsOriginAllowedToAllowWildcardSubdomains()
            .AllowAnyHeader()
            .AllowAnyMethod()
            .AllowCredentials();
    });
});

//appsetting.json
"App": {
    "CorsOrigins": "http://localhost/8080"

}

允许所有域
builder.Services.AddCors(options =>
{
    options.AddPolicy(MyAllowSpecificOrigins, builder =>
    {
        builder.AllowAnyMethod()
                     .SetIsOriginAllowed(_ => true)
                     .AllowAnyHeader()
                     .AllowCredentials();
    });
});
举报

相关推荐

0 条评论