How do you enable cross-origin requests (CORS) in

2019-01-13 17:41发布

站内问答 / C#
1710 6 6

I'd like to enable CORS on an API built with ASP.NET Core MVC, but all the current documents refer to earlier versions of that framework.

6条回答
再贱就再见
2楼-- · 2019-01-13 18:19

The notes on the new Cors features are very light, but I was able to get it working in my solution by looking at the new classes and methods. My Web API startup.cs looks like this. You can see how you can construct your origins and policies her by using the new CorsPolicy class. And enabling CORS with the AddCors and UseCors methods. 

 public void ConfigureServices(IServiceCollection services)
 {
     services.AddMvc();
     //Add Cors support to the service
     services.AddCors();

     var policy = new Microsoft.AspNet.Cors.Core.CorsPolicy();

     policy.Headers.Add("*");    
     policy.Methods.Add("*");          
     policy.Origins.Add("*");
     policy.SupportsCredentials = true;

     services.ConfigureCors(x=>x.AddPolicy("mypolicy", policy));

 }


 public void Configure(IApplicationBuilder app, IHostingEnvironment  env)
 {
     // Configure the HTTP request pipeline.

     app.UseStaticFiles();
     //Use the new policy globally
     app.UseCors("mypolicy");
     // Add MVC to the request pipeline.
     app.UseMvc();
 }

You can also reference the policy in the controllers with the new attributes like so

[EnableCors("mypolicy")]
[Route("api/[controller]")]
查看更多
0人赞 添加讨论(0) 举报
放荡不羁爱自由
3楼-- · 2019-01-13 18:19

I got it working using the following code:

public void ConfigureServices(IServiceCollection services)
{
    services.AddMvc();
    services.AddCors(options => options.AddPolicy("AllowAll", p => p.AllowAnyOrigin()));
}

You can chain AllowAnyHeader() and/or AllowAnyMethod() to the configure action if needed.

To configure it for the complete app:

public void Configure(IApplicationBuilder app)
{
    app.UseCors("AllowAll");
}

Or just for a controller:

[EnableCors("AllowAll")]
public class HomeController : Controller
{
   // ...
}

--

Update: configuring CORS for all requests can be done a bit easier:

public void ConfigureServices(IServiceCollection services)
{
    services.AddMvc();
    services.AddCors();
}

public void Configure(IApplicationBuilder app)
{
    app.UseCors(builder =>
    {
        builder.WithOrigins("http://some.origin.com")
               .WithMethods("GET", "POST")
               .AllowAnyHeader();
    });
}

For more information, refer to the docs.

查看更多
0人赞 添加讨论(0) 举报
爱情/是我丢掉的垃圾
4楼-- · 2019-01-13 18:23

cs1929 the method services.ConfigureCors(...) does no more exist. It is combined to AddCors:

services.AddCors(options => 
    options.AddPolicy("AllowAllOrigins", builder => builder.AllowAnyOrigin()));
查看更多
0人赞 添加讨论(0) 举报
女痞
5楼-- · 2019-01-13 18:25

In the most recent RC2 of ASP.NET Core.

The NuGet packages are

"Microsoft.AspNetCore.Owin": "1.0.0-rc2-final",
"Microsoft.AspNetCore.Cors": "1.0.0-rc2-final",

In Startup.cs

public void ConfigureServices(IServiceCollection services)
{
    // Add framework services.
    services.AddCors();
    services.AddMvc();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    app.UseCors(builder =>  builder
    .AllowAnyOrigin());
    app.UseMvc();
}
查看更多
0人赞 添加讨论(0) 举报
甜甜的少女心
6楼-- · 2019-01-13 18:27

Support for CORS is currently in development. Following issue is tracking that: https://github.com/aspnet/Mvc/issues/498

Update (3/28/2015):
This feature has been checked in and should be available in the next release.

查看更多
0人赞 添加讨论(0) 举报
小情绪 Triste *
7楼-- · 2019-01-13 18:31

Install : Microsoft.AspNetCore.Cors

In Configure method:

        app.UseCors(builder =>
                builder.WithOrigins("http://some.origin.com"));
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)