我正在做我的
的cors请求客户:http://mypcname.companyname
到servicestack
服务器:http://mypcname.companyname:83/customersInformation
请求使用javascript superagent库:
superagent.get(requestUrl)
.set('Authorization', "basictoken " + getToken())
.set('Accept', 'application/json')
.end(function (response) {
});
此获取请求与 Web API 完全一致!因此,在我看来,问题不能成为客户方。
这就是我的服务堆栈设置:
Plugins.Add(new CorsFeature(allowedOrigins: Settings.Default.SmartAllowedCorsOrigin, allowCredentials: true, allowedHeaders: "Content-Type, Authorization"));
RequestFilters.Add((httpReq, httpRes, requestDto) =>
{
if (httpReq.HttpMethod == "OPTIONS")
{
httpRes.End();
}
});
这就是我使用customersInformation数据设置类的方法:
[Route(RouteTemplate,"GET, OPTIONS",...)]
由于我使用上面的选项请求过滤器,选项404错误消失了,但现在我有更糟糕的事情......:
OPTIONS http://mypcname.companyname:83/customersInformation Origin http://mypcname.companyname is not allowed by Access-Control-Allow-Origin.
我需要在服务器端做些什么才能让cors最终工作?
更新
作为对mythz问题的回答获取respone标题数据:
这是我使用cors插件上的默认值从服务器获得的原始数据:(fiddler raw 标签)
HTTP/1.1 200 OK
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 29 Oct 2013 10:04:48 GMT
Content-Length: 0
错误:
OPTIONS http://mypcname.companyname:83/customersInformation Origin http://mypcname.companyname is not allowed by Access-Control-Allow-Origin.
应该在选项之后调用的Get方法(至少是我的期望)从未被命中,这可能是由于cors原始错误而导致的,因为即使OPTIONS被允许也不会发生。
更新2
请求服务器:
OPTIONS http://mypcname.companyname:83/customersInformation HTTP/1.1
Host: mypcname.companyname:83
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Access-Control-Request-Method: GET
Origin: http://mypcname.companyname
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Access-Control-Request-Headers: accept, authorization, x-requested-with
Accept: */*
Referer: http://mypcname.companyname/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4