从 core 2.2迁移到 core 3.0时,我遇到了cors问题
I am getting cors issue while i am migrating from core 2.2 to core 3.0
public void Configure(IApplicationBuilder app, IHostEnvironment env, Microsoft.AspNetCore.Hosting.IApplicationLifetime applicationLifetime) { NLog.LogManager.Configuration = new NLogLoggingConfiguration(Configuration.GetSection("NLog")); LogManager.Configuration.Variables["connectionString"] = Encryptor.GetNLogDB(); LogManager.Configuration.Variables["ApplicationName"] = env.ApplicationName; LogManager.Configuration.Variables["EnvironmentType"] = env.EnvironmentName; app.UseStaticFiles(); app.UseRouting(); app.UseCors("AllowAll"); applicationLifetime.ApplicationStopping.Register(OnShutdown); applicationLifetime.ApplicationStarted.Register(OnStarted); app.UseAuthentication(); app.UseAuthorization(); app.UseLogAndExceptionHandler(); //app.UseCors(); //app.UseSignalR(routes => //{ // routes.MapHub<ApplicationHub>(SignalRHub); // routes.MapHub<QuillHub>(QuillHub); //}); app.UseEndpoints(endpoints => { endpoints.MapControllers(); }); //app.UseMvc(); Initialize(app); } public void ConfigureServices(IServiceCollection services) { services.AddCors(options => { options.AddPolicy("AllowAll", builder => builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials()); }); }在运行此程序时,我收到一条错误消息,说我不能同时使用AllowAnyOrigin和AllowCredentials,并且当我删除其中的任何一条时,CORS策略已阻止了运行时错误:对预检请求的响应未通过访问控制检查:当请求的凭据模式为"include"时,响应中"Access-Control-Allow-Origin"标头的值不得为通配符"*".XMLHttpRequest发起的请求的凭据模式由withCredentials属性控制.
While running this i am getting an error saying i cant use AllowAnyOrigin and AllowCredentials together and when i remove any of those i get run time error has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
我想允许所有起源.
推荐答案基于 CORS文档.
尝试使用 SetIsOriginAllowed 作为解决方法
services.AddCors(options => { options.AddPolicy("AllowAll", builder => builder.AllowAnyMethod() .AllowAnyHeader() .SetIsOriginAllowed(_ => true) .AllowCredentials()); });更多推荐
从.NET Core 2.2迁移到.NET Core 3.0时发生CORS问题
发布评论