Access-Control-Allow-Origin标头包含多个值*,*

问题描述 投票:0回答:1

我正在使用c#构建REST Web服务。

我有一个安装在另一台服务器上的Web应用程序。如果我尝试调用这些Web服务中的任何一个,则会出现此错误

从源'https://test.domain.com/WS/Hab-Dem/Tar/api/Login'到'https://std.apps.com'对XMLHttpRequest的访问已被CORS策略阻止:对预检请求的响应未通过访问控制检查:'Access-Control-Allow-Origin'标头包含多个值'*,*',但只允许一个。

我已创建此文件:

public class PreflightRequestsHandler : DelegatingHandler
{
    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
    {
        if (request.Headers.Contains("Origin") && request.Method.Method.Equals("OPTIONS"))
        {
            var response = new HttpResponseMessage { StatusCode = HttpStatusCode.OK };

            // Define and add values to variables: origins, headers, methods (can be global) 
            response.Headers.Add("Access-Control-Allow-Origin", "*");
            response.Headers.Add("Access-Control-Allow-Headers", "Content-Type");
            response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
            response.Headers.Add("Access-Control-Request-Headers", "*");

            var tsc = new TaskCompletionSource<HttpResponseMessage>();
            tsc.SetResult(response);

            return tsc.Task;
        }

        return base.SendAsync(request, cancellationToken);
    }
}

WebApiConfig.cs中,我插入了此代码:

public static void Register(HttpConfiguration config)
{
    // Web API configuration and services
    config.EnableCors(new EnableCorsAttribute("*", "*", "*", "X-Custom-Header"));
    config.MessageHandlers.Add(new PreflightRequestsHandler()); // Defined above
    config.MapHttpAttributeRoutes();

    config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional } );

    var jsonConfig = config.Formatters.JsonFormatter;
    jsonConfig.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
}

并且在web.config文件中,我已经添加了这个:

<system.webServer>
    <handlers>
        <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
        <remove name="OPTIONSVerbHandler" />
        <remove name="TRACEVerbHandler" />
        <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" 
             type="System.Web.Handlers.TransferRequestHandler" 
             preCondition="integratedMode,runtimeVersionv4.0" />
    </handlers>
</system.webServer>
c# rest web-services cors
1个回答
0
投票
https://www.digitalocean.com/community/questions/blocked-by-cors-policy-the-access-control-allow-origin-mean-stack
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.