namespace CorsTest
{
public class Program
{
public static void Main(string[] args)
{
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddCors(options =>
{
options.AddPolicy(name: "MyAllowSpecificOrigins", policy => {
policy.AllowAnyOrigin();
});
});
// Add services to the container.
builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseCors("MyAllowSpecificOrigins");
app.UseAuthorization();
app.MapControllers();
app.Run();
}
}
}
请考虑上面的代码,它与WebAPI2启动模板完全相同,加上添加了以下代码片段
builder.Services.AddCors(options =>
{
options.AddPolicy(name: "MyAllowSpecificOrigins", policy => {
policy.AllowAnyOrigin();
});
});
app.UseCors("MyAllowSpecificOrigins");
这些片段直接从MSDN复制。然而,它就是不能正常工作。当我尝试在 Swagger 中触发请求时,缺少
Access-Control-Allow-Origin
标头,而我预计响应中将包含 Access-Control-Allow-Origin: *
之类的内容。预先感谢您的任何建议
可能您还需要在策略中添加标头
policy.AllowAnyOrigin().AllowAnyHeader();
policy.AllowAnyOrigin().WithHeaders("Access-Allow-Origin", "*");
更多请访问这个