WebApi中启用CORS跨域访问
1.安装 Nugget包Microsoft.AspNet.WebApi.Cors
This package contains the components to enable Cross-Origin Resource Sharing (CORS) in ASP.NET Web API.
此包包含启用跨域资源共享的组件(CORS)在ASP.NET Web API。
目前版本是5.2.3
依赖项:
Microsoft.AspNet.WebApi.Core (>= 5.2.2 && < 5.3.0)
Microsoft.AspNet.Cors (>= 5.2.2)
2.WebApiApplication中启用跨域功能,默认是不可用的
public class WebApiApplication : System.Web.HttpApplication
{
protected void Application_Start()
{
//启用跨域
/*
* 注意,必须先启用跨域,然后,启用注册路由
*/
GlobalConfiguration.Configuration.EnableCors(); GlobalConfiguration.Configure(WebApiConfig.Register);
}
}
3.[EnableCors]在Controller或Action配置跨域方案
//支持客户端凭据提交
[EnableCors("http://localhost:51421", "*", "*", SupportsCredentials = true)]
//[EnableCors("http://localhost:51421", "*", "*")]
// [EnableCors("*", "*", "*")]
public string GetOne()
{
return "";
}
客户端访问,带客户端凭据信息
$.ajax({
url: apiUrl.getCookie('getone'),
// url: apiUrl.getCookie('gettwo'),
data: { age: 11 },
xhrFields: {
withCredentials: true //支持附带详细信息
},
crossDomain: true,//请求偏向外域
success: function (data) {
alert(data);
}
});
4.在controller中,指定[EnableCors]对所有的action,都起作用,然而,还可以单独指定到某个action
[EnableCors("*", "*", "*")]
public class CookieOneController : ApiController
{
//支持客户端凭据提交
[EnableCors("http://localhost:51421", "*", "*", SupportsCredentials = true)]
//[EnableCors("http://localhost:51421", "*", "*")]
// [EnableCors("*", "*", "*")]
public string GetOne()
{
return CookieHelper.GetString("username");
}
[HttpGet]
[HttpPost]
public string GetTwo()
{
return "";
}
}
更多:
https://www.asp.net/web-api/overview/releases/whats-new-in-aspnet-web-api-22
Asp.Net WebApi 启用CORS跨域访问指定多个域名
Cors 跨域Access-Control-Allow-Origin
资料地址:
http://www.cnblogs.com/artech/p/cors-4-asp-net-web-api-05.html
官方文档:
https://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api#enable-cors