• 微信公众号:美女很有趣。 工作之余,放松一下,关注即送10G+美女照片!

webapi处理OPTIONS请求

开发技术 开发技术 5小时前 2次浏览

Webapi处理Options请求

 转自:https://www.cnblogs.com/dawenyang/archive/2019/05/31/10956521.html

报错1信息

 Access to XMLHttpRequest at ‘http://localhost:4445/api/v/getmsg’ from origin ‘http://localhost:9528’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

解决方案

参考资料:https://segmentfault.com/q/1010000016765176,把value值改成特定的域名。

  <system.webServer>   
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="http://localhost:9528" />
    </httpProtocol>    
  </system.webServer>

报错2信息 

Access to XMLHttpRequest at ‘http://localhost:4445/api/v/getmsg&#8217; from origin ‘http://localhost:9528&#8217; has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Credentials’ header in the response is ” which must be ‘true’ when the request’s credentials mode is ‘include’. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

解决方案

增加一行配置文件

<add name="Access-Control-Allow-Credentials" value="true" />

 

报错3信息

Access to XMLHttpRequest at ‘http://localhost:4445/api/v/getmsg&#8217; from origin ‘http://localhost:9528&#8217; has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: It does not have HTTP ok status.

原因

浏览器请求接口时会发送两个请求,一个是预请求,相当于确认请求,第二个请求才是你要发送的真正的请求,而这个错误信息说明的是第一个OPTINOS请求失败,在服务端没有处理这个method为OPTIONS的请求,需要对它处理一下:

解决方案:

参考资料:关于Web API 2.0中的Options请求返回405的问题

                  HTTP Module

webapi处理OPTIONS请求
    public class SpecialMethodModule : IHttpModule
    {
        public SpecialMethodModule()
        {
        }

        public void Init(HttpApplication app)
        {
            app.BeginRequest += new EventHandler(this.BeginRequest);
        }

        public void Dispose()
        {
        }

        public void BeginRequest(object resource, EventArgs e)
        {
            HttpApplication app = resource as HttpApplication;
            HttpContext context = app.Context;
            if (context.Request.HttpMethod.ToUpper() == "OPTIONS")
            {
                context.Response.StatusCode = 200;
                context.Response.End();
            }
        }
    }
webapi处理OPTIONS请求

在web.config中增加module节点,参考微软官方文档,根据IIS版本不同,增加的节点方式也不同,我是IIS10.0

webapi处理OPTIONS请求
<configuration>
  <system.webServer>
    <modules>
      <add name="HelloWorldModule" type="HelloWorldModule"/>
    </modules>
  </system.webServer>
</configuration>
webapi处理OPTIONS请求

 

游览器出现net::ERR_SSL_PROTOCOL_ERROR错误的解决 http/https
ASP.NET WebApi缺少System.Web.Http.Cors引用解决方案
Microsoft.AspNet.WebApi.Cors

 

 

报错1信息

 Access to XMLHttpRequest at ‘http://localhost:4445/api/v/getmsg&#8217; from origin ‘http://localhost:9528&#8217; has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

解决方案

参考资料:https://segmentfault.com/q/1010000016765176,把value值改成特定的域名。

  <system.webServer>   
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="http://localhost:9528" />
    </httpProtocol>    
  </system.webServer>

报错2信息 

Access to XMLHttpRequest at ‘http://localhost:4445/api/v/getmsg&#8217; from origin ‘http://localhost:9528&#8217; has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Credentials’ header in the response is ” which must be ‘true’ when the request’s credentials mode is ‘include’. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

解决方案

增加一行配置文件

<add name="Access-Control-Allow-Credentials" value="true" />

 

报错3信息

Access to XMLHttpRequest at ‘http://localhost:4445/api/v/getmsg&#8217; from origin ‘http://localhost:9528&#8217; has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: It does not have HTTP ok status.

原因

浏览器请求接口时会发送两个请求,一个是预请求,相当于确认请求,第二个请求才是你要发送的真正的请求,而这个错误信息说明的是第一个OPTINOS请求失败,在服务端没有处理这个method为OPTIONS的请求,需要对它处理一下:

解决方案:

参考资料:关于Web API 2.0中的Options请求返回405的问题

                  HTTP Module

webapi处理OPTIONS请求
    public class SpecialMethodModule : IHttpModule
    {
        public SpecialMethodModule()
        {
        }

        public void Init(HttpApplication app)
        {
            app.BeginRequest += new EventHandler(this.BeginRequest);
        }

        public void Dispose()
        {
        }

        public void BeginRequest(object resource, EventArgs e)
        {
            HttpApplication app = resource as HttpApplication;
            HttpContext context = app.Context;
            if (context.Request.HttpMethod.ToUpper() == "OPTIONS")
            {
                context.Response.StatusCode = 200;
                context.Response.End();
            }
        }
    }
webapi处理OPTIONS请求

在web.config中增加module节点,参考微软官方文档,根据IIS版本不同,增加的节点方式也不同,我是IIS10.0

webapi处理OPTIONS请求
<configuration>
  <system.webServer>
    <modules>
      <add name="HelloWorldModule" type="HelloWorldModule"/>
    </modules>
  </system.webServer>
</configuration>
webapi处理OPTIONS请求

 

游览器出现net::ERR_SSL_PROTOCOL_ERROR错误的解决 http/https
ASP.NET WebApi缺少System.Web.Http.Cors引用解决方案
Microsoft.AspNet.WebApi.Cors

 

 


程序员灯塔
转载请注明原文链接:webapi处理OPTIONS请求
喜欢 (0)