作者:轻点指尖划过秋天的一抹痕8023意 | 来源:互联网 | 2023-09-15 10:32
SoIhaveajqueryajaxrequestlikethis:我有一个jqueryajax请求:functioncreateLokiAccount(someur
So I have a jquery ajax request like this:
我有一个jquery ajax请求:
function createLokiAccount(someurl) {
var d = {"Jurisdiction":17}
$.ajax({
type: "POST",
url:"http://myserver:111/Api/V1/Customers/CreateCustomer/",
data: JSON.stringify(d),
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function(data){alert(data);},
failure: function(errMsg) {
alert(errMsg);
}
});
}
This is hitting my web api which is basically:
我的web api基本上是:
[HttpPost]
public CreateCustomer.Response CreateCustomer(CreateCustomer.Request request)
{
HttpContext.Current.Response.AppendHeader("Access-Control-Allow-Origin", "*");
...
Which when I call it in Chrome gives me:
当我在Chrome中调用它时,它给了我:
OPTIONS http://myserver:111/Api/V1/Customers/CreateCustomer/ 405 (Method Not Allowed)
No 'Access-Control-Allow-Origin' header is present on the requested resource.
When I do the POST request from Fiddler it includes "Access-Control-Allow-Origin: *" in the response header as it should, which would suggest the API is configured correctly, yet the (from Fiddler) the jquery request looks like:
当我做Fiddler的POST请求时,它在响应头中应该包含“Access-Control-Allow-Origin: *”,这表明API配置正确,但是jquery请求(来自Fiddler)看起来是:
OPTIONS http://myserver:111/Api/V1/Customers/CreateCustomer/ HTTP/1.1 Host: myserver:111 Connection: keep-alive Access-Control-Request-Method: POST Origin: http://localhost:6500 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36 Access-Control-Request-Headers: accept, content-type Accept: / Referer: http://localhost:6500/Home/Replication?interval=1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8,en-GB;q=0.6,it-IT;q=0.4,it;q=0.2
选项http://myserver:111/Api/V1/Customers/CreateCustomer/ HTTP/1.1 Host: myserver:111 Connection: keep-alive access - control - request - request - request - method: POST Origin: http://localhost:6500用户代理:Mozilla/5.0 (Windows NT 6.1;WOW64) AppleWebKit/537.36 (KHTML,比如Gecko) Chrome/34.0.1847.116 Safari/537.36 access - control - control - request - header: accept, content-type accept:/ Referer: http://localhost:6500/Home/Replication?区间=1接受编码:gzip,deflate,sdch接受语言:en- us,en;q=0.8,en- gb;q=0.6,it;q=0.4,it;q=0.2
So why is my POST request getting turned into an OPTIONS request?
为什么我的POST请求变成了选项请求?
1 个解决方案
3
First of all, you're adding only one header, but there is at least three of them you needed:
首先,你只添加了一个标题,但至少需要三个:
"Access-Control-Allow-Origin", "*"
"Access-Control-Allow-Methods", "GET, POST, PUT, DELETE"
"Access-Control-Allow-Headers", "Content-Type, Accept"
Secondly, in case if you need CORS only for one method in certain controller, the way you're adding headers is ok. But in common it's not right.
其次,如果在某些控制器中只需要一个方法的CORS,那么添加header的方法是可以的。但一般来说,这是不对的。
ASP.NET 5 with Web API 2 offers CORS library.
ASP。NET 5使用Web API 2提供CORS库。
But if you're using Web API, I can offer solution (not truly proper, but working). Just add (in Global.asax) to every request required headers
但是如果您正在使用Web API,我可以提供解决方案(不是真正合适的,但是可以工作)。只需在每个请求头中添加(在Global.asax中)
protected void Application_BeginRequest(object sender, EventArgs e)
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");
HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
HttpContext.Current.Response.End();
}
}
京公网安备 11010802041100号