我正在使用c#构建REST Web服务。
我有一个安装在另一台服务器上的Web应用程序。如果我尝试调用这些Web服务中的任何一个,则会出现此错误
从源'https://test.domain.com/WS/Hab-Dem/Tar/api/Login'到'https://std.apps.com'对XMLHttpRequest的访问已被CORS策略阻止:对预检请求的响应未通过访问控制检查:'Access-Control-Allow-Origin'标头包含多个值'*,*',但只允许一个。
我已创建此文件:
public class PreflightRequestsHandler : DelegatingHandler
{
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
if (request.Headers.Contains("Origin") && request.Method.Method.Equals("OPTIONS"))
{
var response = new HttpResponseMessage { StatusCode = HttpStatusCode.OK };
// Define and add values to variables: origins, headers, methods (can be global)
response.Headers.Add("Access-Control-Allow-Origin", "*");
response.Headers.Add("Access-Control-Allow-Headers", "Content-Type");
response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
response.Headers.Add("Access-Control-Request-Headers", "*");
var tsc = new TaskCompletionSource<HttpResponseMessage>();
tsc.SetResult(response);
return tsc.Task;
}
return base.SendAsync(request, cancellationToken);
}
}
在WebApiConfig.cs
中,我插入了此代码:
public static void Register(HttpConfiguration config)
{
// Web API configuration and services
config.EnableCors(new EnableCorsAttribute("*", "*", "*", "X-Custom-Header"));
config.MessageHandlers.Add(new PreflightRequestsHandler()); // Defined above
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional } );
var jsonConfig = config.Formatters.JsonFormatter;
jsonConfig.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
}
并且在web.config
文件中,我已经添加了这个:
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*"
type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>