如何在Asp.Net Core 3.0 WebAPI中启用CORS

问题描述 投票:0回答:1

我想通过Asp.Net Core 3.0 API项目启用CORS。这是基本生成的Asp.Net Core Api模板。模板中的所有内容均为默认设置,除非我从文档中添加了CORS设置

public class Startup
 {
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddControllers();
        services.AddCors(options =>
        {
            options.AddPolicy("CorsPolicy",
                builder => builder.WithOrigins("http://localhost:4200", "http://localhost:44349")
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials());
        });
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseHttpsRedirection();

        app.UseRouting();

        app.UseCors("CorsPolicy");
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllers();
        });
    }
}

我应该如何设置以在.net核心Web API中获得Corret CORS?

c# rest asp.net-core cors cross-domain
1个回答
0
投票

Cors的优先顺序应在路由和添加控制器之前。应该按照官方文档中的定义添加:https://docs.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.1

遵循此代码:

public class Startup
 {
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {            
        services.AddCors(options =>
        {
            options.AddPolicy("CorsPolicy",
                builder => builder.WithOrigins("http://localhost:4200", "http://localhost:44349")
                .AllowAnyMethod()
                .AllowAnyHeader();
                //.AllowCredentials());
        });

      services.AddControllers();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseCors("CorsPolicy");

        app.UseHttpsRedirection();    
        app.UseRouting();    
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllers();
        });
    }
}
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.