.NET Web API CORS PreFlight 请求

问题描述

我在向其他域上的 Web API 发出 PUT 和 DELETE CORS 请求时遇到了一些麻烦.

I have some trouble make PUT and DELETE CORS request to Web API on other domain.

我已经通过教程 http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api#create-webapi-project.

GET 和 POST 请求工作正常，但 DELETE 和 PUT 不能.我收到这条消息:

GET and POST Requests works fine, but DELETE and PUT doesn't. I get this message:

Failed to load resource: the server responded with a status of 405 (Method Not Allowed)
Failed to load resource: No 'Access-Control-Allow-Origin' header is present on the requested resource.

当我向 CORS 支持使用 ASP.NET Web API 进行 PUT 和 DELETE，我只收到第一个错误.

When I add code to WebConfig suggested on CORS support for PUT and DELETE with ASP.NET Web API , I get only first error.

谁能帮我解决这个问题?

Can anyone help me with this please?

推荐答案

你可以添加一个处理程序来处理这种类型的请求.

You can add a handler to deal with this type of request.

创建一个派生自DelegatingHandler"的类:

Create a class derive from "DelegatingHandler":

public class PreflightRequestsHandler : DelegatingHandler
{
    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
    {
        if (request.Headers.Contains("Origin") && request.Method.Method.Equals("OPTIONS"))
        {
            var response = new HttpResponseMessage { StatusCode = HttpStatusCode.OK };
            // Define and add values to variables: origins, headers, methods (can be global)               
            response.Headers.Add("Access-Control-Allow-Origin", origins);
            response.Headers.Add("Access-Control-Allow-Headers", headers);
            response.Headers.Add("Access-Control-Allow-Methods", methods);
            var tsc = new TaskCompletionSource<HttpResponseMessage>();
            tsc.SetResult(response);
            return tsc.Task;
        }
        return base.SendAsync(request, cancellationToken);
    }

}

稍后在 WebApiconfig.cs 的 Register 方法中添加:

Later in WebApiconfig.cs in Register method add this:

public static void Register(HttpConfiguration config)
{
    // Define and add values to variables: origins, headers, methods (can be global) 
    // Enable global CORS
    config.EnableCors(new EnableCorsAttribute(origins, headers, methods));

    // Add handler to deal with preflight requests, this is the important part
    config.MessageHandlers.Add(new PreflightRequestsHandler()); // Defined above
    .
    .
    .
}

这篇关于.NET Web API CORS PreFlight 请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！