大家好!
我正在努力在Asp.Core项目中配置CORS。
这是我的Startup.cs文件:
<pylearn2.datasets.cifar10.CIFAR10 at 0xde605f8>这是我的要求:
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using System.IdentityModel.Tokens.Jwt;
using Microsoft.AspNetCore.Mvc.Cors.Internal;
namespace Api
{
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddMvcCore()
.AddJsonFormatters()
.AddAuthorization();
services.AddCors(options =>
{
options.AddPolicy("AllowSpecificOrigin",
builder => builder.WithOrigins("http://localhost:54540").AllowAnyHeader().AllowAnyMethod().AllowCredentials());
}
);
services.Configure<MvcOptions>(options =>
{
options.Filters.Add(new CorsAuthorizationFilterFactory("AllowSpecificOrigin"));
});
}
public void Configure(IApplicationBuilder app)
{
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
Authority = "http://localhost:54540",
RequireHttpsMetadata = false,
ScopeName = "api1",
AutomaticAuthenticate = true
});
app.UseMvc();
app.UseCors("AllowSpecificOrigin");
}
}
}
我收到了这个回复:
$.ajax({
type: "GET",
url: "http://localhost:1773/Claims/",
headers: {
Authorization: "Bearer " + getUrlParameter("access_token"),
},
xhrFields: {
withCredentials: true
}
}).done(function (data) {
alert(data);
});
我在控制器中添加了[EnableCors(“AllowSpecificOrigin”)]。
如果有人可以帮助我,我将非常感激。
答案 0 :(得分:1)
如果在CORS中间件之前添加MVC / IdentityServer中间件它将无法工作,因为IdentityServer中间件(假设/ Claims由它处理)将处理请求,并且不会调用后来的MVC和CORS中间件。