调用令牌服务时,Web api跨域请求阻止错误。其他服务工作

时间:2019-01-23 01:00:12

标签: c# asp.net-web-api

我有一个单独的Web api项目和一个简单的UI项目。要在UI项目中访问Web api,我已在CORS

中启用了WebApiConfig.cs 
    var cors = new EnableCorsAttribute("http://localhost:49567", "*", "*","*");
    config.EnableCors(cors);

AccountController.cs中,当[Authorize]被禁用时,我可以使用ajax从UI html项目页面访问API。

$.ajax({
        type: "GET",
        url: "http://localhost:51401/api/Account/UserInfo",
        data: "",
        contentType: "application/json; charset=utf-8",
        success: VerifyResponse,
        dataType: "json",
        crossDomain: true,
        failure: ajaxCallFailed});

但是当我想启用[Authorize]来通过首先调用/token来创建令牌认证时,错误Cross-Origin Request Blocked:会在html中重复出现。

$.ajax({
    method: "POST",
    url: "http://localhost:51401/Token",
    data: {
        username: $('#username').val(),
        password: $('#password').val(),
        grant_type: 'password'
    },
    contentType: "application/json",
    success: VerifyResponse,
    dataType: "json",
    crossDomain: true,
    failure: ajaxCallFailed
    });

在@ arista_14建议进行修改之后,现在我在Web api项目中的web.config 

<system.webServer>
    <modules>
      <remove name="FormsAuthentication" />
      <remove name="ApplicationInsightsWebTracking" />
      <add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" preCondition="managedHandler" />
    </modules>

    <validation validateIntegratedModeConfiguration="false" />
  <handlers>
      <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
      <remove name="OPTIONSVerbHandler" />
      <remove name="TRACEVerbHandler" />
      <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
    </handlers>
<httpProtocol>
   <customHeaders>
       <add name="Access-Control-Allow-Origin" value="*" />
       <add name="Access-Control-Allow-Headers" value="Content-Type" />
       <add name="Access-Control-Allow-Credentials" value="true" />
       <add name="Access-Control-Allow-Methods" value="GET, POST, OPTIONS" />
   </customHeaders>
</httpProtocol> 
  </system.webServer>

现在错误是:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:51401/Token. (Reason: CORS preflight channel did not succeed).[Learn More]
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:51401/Token. (Reason: CORS request did not succeed).[Learn More]

2 个答案:

答案 0 :(得分:0)

我遇到了同样的问题。只需将这段代码放在web.config中即可。它对我有用-

<httpProtocol>
   <customHeaders>
       <add name="Access-Control-Allow-Origin" value="*" />
       <add name="Access-Control-Allow-Headers" value="Content-Type" />
       <add name="Access-Control-Allow-Credentials" value="true" />
       <add name="Access-Control-Allow-Methods" value="GET, POST, OPTIONS" />
   </customHeaders>
</httpProtocol>

答案 1 :(得分:0)

出现跨域阻塞的原因是因为端口不同。您在CORS中指定了以下网址:http://localhost 49567

但是请继续使用以下网址进行调用:http://localhost 51401

请注意端口的差异。实际上,在将本地主机端口设置为一时不变的情况下,我确实遇到了同样的问题。

我还做了另一个答案显示的配置,这没用。

相关问题
最新问题