从.net MVC API控制器在Angle App中下载文件时被CORS策略错误阻止

Question

我正在尝试从角度8应用程序从asp.net Web API下载文件，并收到CORS错误。为我的Web API的所有控制器启用了CORS。如果我不返回流，那么它将正常工作，当api返回流时，CORS错误开始引发。

API代码：-

    var stream = new MemoryStream(pck.GetAsByteArray());
    stream.Flush();
    stream.Position = 0;

    response.ClearContent();
    response.Clear();
    response.Buffer = true;
    response.Charset = "";
    response.Cache.SetCacheability(HttpCacheability.NoCache);
    response.AddHeader("content-disposition", "attachment; filename=" + filename);
    response.ContentType = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";

    var data = new byte[stream.Length];
    stream.Read(data, 0, data.Length);
    stream.Close();
    response.BinaryWrite(data);
    response.Flush();
    response.End();

角度代码：-

let options = new RequestOptions({responseType: ResponseContentType.Blob, headers });
this.http.get(url,{  observe: 'response', responseType: 'blob'} ).subscribe((response)=>{
const blob = new Blob([response.body],
{ type: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' });
const file = new File([blob], 'reports.xlxs',
{ type: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' });
saveAs(file);
});

一旦订阅被调用，我开始出现错误提示。当我调试它时，将执行api的所有代码并返回以下错误。

错误：- CORS策略已阻止从来源“ http://localhost:19119//offers/42428/export/orderDetails”访问“ http://localhost:4200”处的XMLHttpRequest：请求的资源上没有“ Access-Control-Allow-Origin”标头。

谢谢

Answer 1

似乎您应该在asp.net应用程序中启用 CORS 。这是服务器端错误。

在Visual Studio中，从“工具”菜单中选择“ NuGet程序包管理器”，然后选择“程序包管理器控制台”。在“程序包管理器控制台”窗口中，键入以下命令：

import sys

from PyQt5.QtWidgets import QApplication, QMainWindow, QGraphicsView, QGraphicsScene, QGraphicsPathItem
from PyQt5.QtGui import QPainterPath, QPen
from PyQt5.QtCore import Qt
from PyQt5.uic import loadUi

# Based on code from https://stackoverflow.com/a/44248794/7481773

class MainWindow(QMainWindow):
    def __init__(self):
        super().__init__()
        loadUi("mainwindow.ui", self)

        self.verticalLayout_top_left.addWidget(GraphicsView())
        self.verticalLayout_top_right.addWidget(GraphicsView())
        self.verticalLayout_bottom_left.addWidget(GraphicsView())
        self.verticalLayout_bottom_right.addWidget(GraphicsView())


class GraphicsView(QGraphicsView):
    def __init__(self):
        super().__init__()
        self.start = None
        self.end = None

        self.setScene(QGraphicsScene())
        self.path = QPainterPath()
        self.item = GraphicsPathItem()
        self.scene().addItem(self.item)

        self.contents_rect = self.contentsRect()
        self.setSceneRect(0, 0, self.contents_rect.width(), self.contents_rect.height())
        self.setHorizontalScrollBarPolicy(Qt.ScrollBarAlwaysOff)
        self.setVerticalScrollBarPolicy(Qt.ScrollBarAlwaysOff)

    def mousePressEvent(self, event):
        self.start = self.mapToScene(event.pos())
        self.path.moveTo(self.start)

    def mouseMoveEvent(self, event):
        self.end = self.mapToScene(event.pos())
        self.path.lineTo(self.end)
        self.start = self.end
        self.item.setPath(self.path)


class GraphicsPathItem(QGraphicsPathItem):
    def __init__(self):
        super().__init__()
        pen = QPen()
        pen.setColor(Qt.black)
        pen.setWidth(5)
        self.setPen(pen)


def main():
    app = QApplication(sys.argv)
    main_window = MainWindow()
    main_window.show()
    app.exec_()


if __name__ == "__main__":
    main()

有关如何在Web API中启用CORS的更多信息，请参见以下链接：

Enable cross-origin requests in ASP.NET Web API 2

Answer 2

在HttpResponse中添加以下代码行解决了我的问题。

response.AddHeader("Access-Control-Allow-Origin", "*");