我需要将CORS支持添加到.NET Core 3.1 API(以前是2.2,但我决定同时进行更新)。我以为这会很容易。这里的文档:https://docs.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.1看起来很简单。我想在所有端点上支持相同的CORS策略。因此,我认为我可以不理会控制器,而只是对startup.cs进行更改。我想念什么?
我有一个POST端点,但是OPTIONS请求返回405错误。我以为应该由CORS中间件来处理请求,所以我不必在控制器内部完全考虑到CORS。
Startup.cs
namespace MyAPI
{
public class Startup
{
readonly String ALLOW_ALL = "AllowAll";
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
// services.Configure<IISOptions>(options =>
// {
// options.AutomaticAuthentication = true;
// });
services.AddLogging();
services.AddCors(options =>
{
options.AddDefaultPolicy(builder =>
{
builder
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
// .AllowCredentials();
});
});
services.AddMvc(MvcOptions => MvcOptions.EnableEndpointRouting = false);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseRouting();
// if (env.IsDevelopment())
// {
// app.UseDeveloperExceptionPage();
app.UseCors();
// }
app.UseEndpoints(endpoints => endpoints.MapControllers());
app.UseMvc();
}
}
}
MyController.cs
namespace MyProj.Controllers
{
[Route("api/[controller]")]
[ApiController]
public class FacilitiesController : ControllerBase
{
public FacilitiesController()
{
}
[HttpPost]
public JsonResult FloorPlanURL([FromBody] UniqueFloor theFloor)
{
<stuff happens>
return new JsonResult(new {success = true, url = out});
}
我已经经历了多次迭代,也可以在这里查看:https://docs.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.1#enable-cors-with-endpoint-routing。我可能缺少一些简单的东西。我可以在所有控制器中添加手动OPTIONS处理程序,但这似乎是一个很糟糕的解决方案。
答案 0 :(得分:1)
您需要修改您的类StartUp.cs,尝试将这样的代码放入...
public void ConfigureServices (IServiceCollection services) {
services.AddLogging ();
services.AddCors (); // just adding the cors to the services
services.AddMvc ().SetCompatibilityVersion (CompatibilityVersion.Version_2_2);
}
public void Configure (IApplicationBuilder app, IHostingEnvironment env) {
// global cors policy
app.UseCors (x => x
.AllowAnyOrigin ()
.AllowAnyMethod ()
.AllowAnyHeader ()); // configure CORS
app.UseHttpsRedirection ();
app.UseMvc ();
}
并且CORS必须对您的所有Apicontrollers均正常工作。
如果错误代码405继续出现:表示您未正确调用端点。
请验证并给我有关结果的反馈。