我有一个在Azure上托管的ASP.NET Web API。我已将HTTP消息处理程序集成到该API。当我使用AJAX调用它时,消息处理程序正在被击中。我也在我的AJAX调用中发送一些请求头。问题是我没有收到从AJAX调用发送到集成在Web API中的Message Handler的头文件。请参阅图像:Debugger screenshot无法从ASP.NET Web API中的jQuery AJAX请求中获取标头
下面是我的AJAX请求的代码:
$.ajax({
url: "https://someservicename.azurewebsites.net/Service/RequestHandler",
beforeSend: function (xhr) {
xhr.setRequestHeader('Token', '86810e135958961ad4880ad');
},
type: "POST",
crossDomain: true,
data: {
param: "Passed Parameter"
},
success: function (msg) {
console.log(msg);
},
error: function (XMLHttpRequest, textStatus, errorThrown) {
console.log(textStatus);
}
});
中的Web API的消息处理程序看起来象下面这样:
protected async override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
string authToken;
try
{
authToken = request.Headers.GetValues("Token").FirstOrDefault();
if (authToken != "86810e135958961ad4880ad")
{
return await Task.Factory.StartNew(() =>
{
return new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent("Unauthorized access!")
};
});
}
else
{
return await base.SendAsync(request, cancellationToken);
}
}
catch (System.InvalidOperationException)
{
return null;
}
}
当我从IIS中运行的代码本地主机发送的请求如下所示:
Accept:*/*
Accept-Encoding:gzip, deflate, sdch, br
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:token
Access-Control-Request-Method:POST
Connection:keep-alive
Host:someservicename.azurewebsites.net
Origin:http://localhost:12522
Referer:http://localhost:12522/pocppd.html
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
而负责人我在控制台上得到的是:
https://someservicename.azurewebsites.net/Service/RequestHandler. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:12522' is therefore not allowed access. The response had HTTP status code 500.
与POSTMAN客户端请求工作正常,但从本地主机它会返回一个错误。请让我知道没有在我的消息处理程序中获取标题的原因?
响应哪位会带来几十[结果](https://www.google.com.tr/search?q=Response+to+preflight+request+doesn %27吨+传+访问+对照+检查%3A + NO +%27Access - 控制 - 允许来源%27&OQ =响应+至+预检+请求+没有按%27吨+传+访问+对照+检查%3A + NO +%27Access -Control-Allow-Origin%27&aqs = chrome..69i57j69i59.119j0j7&sourceid = chrome&ie = UTF-8)在搜索时只是告诉你,服务器上不允许使用哪个请求的来源,因为CORS标准。 Marius的回答是一种使服务器响应来自你本地主机的请求的方法。 – ibubi