<httpProtocol>

      <customHeaders>

        <!--响应类型 (值为逗号分隔的一个字符串，表明服务器支持的所有跨域请求的方法)-->

        <add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS"/>

        <!--响应头设置（Content-Type：只限于三个值application/x-www-form-urlencoded、multipart/form-data、text/plain）-->

        <add name="Access-Control-Allow-Headers" value="x-requested-with,content-type,token"/>

        <!--如果设置 Access-Control-Allow-Origin:*，则允许所有域名的脚本访问该资源-->

        <add name="Access-Control-Allow-Origin" value="*" />

        <!--<add name="Access-Control-Allow-Origin" value="http://domain1.com, http://domain2.com" />  设置允许跨域访问的网址-->

        <!--<add name="Access-Control-Max-Age" value="6000" /> 设置预检有效时间-->

        <add name="Access-Control-Max-Age" value="6000" />

      </customHeaders>

    </httpProtocol>

    <!--<handlers>

      <remove name="ExtensionlessUrlHandler-Integrated-4.0" />

      <remove name="OPTIONSVerbHandler" />

      <remove name="TRACEVerbHandler" />

      <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />

    </handlers>-->