我想在我的ASP.NET核心API中启用CORS。因此,我在项目中添加了Microsoft.AspNetCore.Cors包,并在API中添加了以下代码:
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
String connectionName = "DefaultConnection";
services.AddDbContext<CityContext>(options => options.UseSqlServer(Configuration.GetConnectionString(connectionName)));
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddCors();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseCors(builder => builder
.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials());
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseHsts();
}
app.UseMvc();
}
但这似乎还不够。对我的API的任何GET请求的标头都仍然相同:
Content-Type application/json; charset=utf-8
Date Sat, 13 Oct 2018 17:20:50 GMT
Server Kestrel
Transfer-Encoding chunked
X-Powered-By ASP.NET
X-SourceFiles ...
但是我希望这里有 Access-Control-Allow-Origin -属性。