我有一个老式的asp.net Webforms站点,不久前它已经使用了mvc。所有的mvc工作正常,所以我认为添加一个新的控制器来从jquery调用将很容易。没那么多。我通过google或在此处找到的所有内容都为我提供了.net CORE的解决方案(不是),也没有提供以下代码。但是下面的代码不起作用,我不知道该怎么办。
web.config
<httpProtocol>
<customHeaders>
<clear />
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET,POST" />
<add name="Access-Control-Allow-Headers" value="X-AspNet-Version,X-Powered-By,Date,Server,Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Length,Content-Type,Host,Origin,Pragma,Referer,User-Agent" />
</customHeaders>
</httpProtocol>
添加cors操作过滤条件属性
public class AllowCrossSiteJsonAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
filterContext.RequestContext.HttpContext.Response.AddHeader("Access-Control-Allow-Origin", "*");
base.OnActionExecuting(filterContext);
}
}
在控制器中使用
[AllowCrossSiteJson]
[System.Web.Http.HttpPost]
public JsonResult all(QuoteRequest request)
{
return Json(new QuoteResponses
{
ExpressQuote = express(request),
PremiumQuote = premium(request),
CorpToCorpQuote = corptocorp(request)
});
}
非常奇怪的是,如果我通过带有常规职位的邮递员来称呼此端点,则它可以正常工作。但是,用jquery的帖子调用它会给我cors错误...
Access to XMLHttpRequest at 'xxxxxxxxx' from origin 'xxxxxxxx' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
我还能做什么或尝试?
编辑/更新
我最终删除了上面显示的所有代码,并将其添加到我的全局代码中。现在效果很好。
protected void Application_BeginRequest(object sender, EventArgs e)
{
var res = HttpContext.Current.Response;
var req = HttpContext.Current.Request;
res.AppendHeader("Access-Control-Allow-Origin", "*");
res.AppendHeader("Access-Control-Allow-Credentials", "true");
res.AppendHeader("Access-Control-Allow-Headers", "Content-Type, X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Date, X-Api-Version, X-File-Name");
res.AppendHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS");
// ==== Respond to the OPTIONS verb =====
if (req.HttpMethod == "OPTIONS")
{
res.StatusCode = 200;
res.End();
}
}