请注意,该问题专门针对Dynamics CRM。我希望有一种专有功能可以扩展或替代普通的Web开发。因此,这个问题不是重复的,尽管一旦有人看到 CORS和又有一只鸭子在问CORS ...(错字意味),它似乎就这么重复了。
我正在尝试从CRM呼叫外部单词,当然,我遇到了CORS问题。现在,我对呼叫定向到的服务器端几乎没有控制,因此我想知道是否可以通过客户端解决该问题。
I'm trying to make a call to an outside word from CRM and, of course, I run into CORS issues. Now, I have very little control over the server side that the call is directed to, so I wonder if it's possible to work around it from the client somehow.
最优解决方案是,如果服务器开发人员允许来自不同域的呼叫,但存在他们不这样做的风险。除了编写自定义服务层以打开CORS来访问来自CRM的并与第三方服务器通话之外,我还有什么选择?
The optimal solution would be if the server developers allowed calls from different domains but there's a risk that they won't do that. What are my options then, besides writing a custom service layer that opens for CORS towards calls from CRM and speaks to the third party server?
g如下(当然,从URL行调用效果非常好)。
The nag is as follows (of course, from the URL line the call performs perfectly well).
跨域请求被阻止:相同原始政策不允许读取 https:/ /yaba.daba.doo/list?p1=[]&p2=0&__=1415714629958 。可以通过将资源移至同一域或启用CORS来解决此问题。
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at yaba.daba.doo/list?p1=[]&p2=0&&_=1415714629958. This can be fixed by moving the resource to the same domain or enabling CORS.
推荐答案
一个老问题,但是我在CRM 2011(和IIS 7.0)上通过编辑web.config解决了这个问题。
It's an old question but I solved this problem on CRM 2011 (and IIS 7.0) editing the web.config.
我已将CORS标头添加到IIS响应中。
I have added the CORS Header to IIS response.
添加基本标题
<system.webServer> <httpProtocol> <customHeaders> <add name="Access-Control-Allow-Headers" value="Origin, X-HTTP-Method, X-Requested-With, Content-Type, Accept" /> <add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS,PUT,DELETE" /> <add name="Access-Control-Allow-Credentials" value="true" /> </customHeaders> </httpProtocol>[..]添加规则
安装网址重写并添加以下规则
<rewrite> <rules> [..] <!-- This rule allow the prefligh request to be authenticated, otherwise raise the 401 error, required ONLY if you use POST, for GET only is not necessary --> <rule name="CORS Preflight Anonymous Authentication" stopProcessing="true"> <match url=".*" /> <conditions> <add input="{REQUEST_METHOD}" pattern="^OPTIONS$" /> </conditions> <action type="CustomResponse" statusCode="200" statusReason="Preflight" statusDescription="Preflight" /> </rule> [..] </rules> <outboundRules> <clear /> <rule name="AddCORSHeaders"> <match serverVariable="RESPONSE_Access_Control_Allow_Origin" pattern=".*" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="true"> <!-- This add the Access-Control-Allow-Origin if the pattern match the request url --> <add input="{HTTP_ORIGIN}" pattern="(http(s)?://((.+\.)?domain1\.lan|(.+\.)?mydomain\|(.+\.)?otherdomain\))" /> </conditions> <action type="Rewrite" value="{C:0}" /> </rule> </outboundRules> </rewrite>更多推荐
如何在Dynamics CRM中启用CORS?
发布评论