我已经阅读了关于ASP.NET Core和CORS主题的所有内容,我相信我能理解它的大部分内容,但是,我会如果我能把它工作,那该死的。我使用的是Chrome浏览器,这里是数据:如何让CORS与ASP.Net Core Web API服务器一起工作Angular 2客户端
Prefilght:
General:
Request URL:http://localhost:34376/api/login
Request Method:OPTIONS
Status Code:204 No Content
Remote Address:[::1]:34376
Response Headers:
view source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:access-control-allow-origin,content-type
Access-Control-Allow-Origin:http://localhost:3000
Date:Wed, 23 Nov 2016 03:05:00 GMT
Server:Kestrel
Vary:Origin
X-Powered-By:ASP.NET
X-SourceFiles:=?UTF-8?B?QzpcUHJvamVjdHNcbXZjXFNob3BVc1NlcnZpY2Vcc3JjXFNob3BVc1NlcnZpY2VcYXBpXGxvZ2lu?=
Request Headers:
view source
Accept:*/*
Accept-Encoding:gzip, deflate, sdch, br
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:access-control-allow-origin, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:localhost:34376
Origin:http://localhost:3000
Referer:http://localhost:3000/authentication
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36
帖子:
Request URL:http://localhost:34376/api/login
Request Method:POST
Status Code:500 Internal Server Error
Remote Address:[::1]:34376
Response Headers:
view source
Content-Length:0
Date:Tue, 22 Nov 2016 03:11:40 GMT
Server:Kestrel
X-Powered-By:ASP.NET
X-SourceFiles:=?UTF-8?B?QzpcUHJvamVjdHNcbXZjXFNob3BVc1NlcnZpY2Vcc3JjXFNob3BVc1NlcnZpY2VcYXBpXGxvZ2lu?=
Request Headers:
view source
Accept:*/*
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.8
Access-Control-Allow-Origin:true
Connection:keep-alive
Content-Length:87
Content-Type:application/json
Host:localhost:34376
Origin:http://localhost:3000
Referer:http://localhost:3000/authentication
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36
Request Payload:
view source
{userName: "", email: "[email protected]", password: "[email protected]", rememberMe: false}
email: "[email protected]"
password: "[email protected]"
rememberMe: false
userName:""
ASP.NET核心代码:
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options => {
options.AddPolicy("CorsPolicy",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials().Build());
});
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
services.AddMvc();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseCors("CorsPolicy");
app.UseApplicationInsightsRequestTelemetry();
app.UseApplicationInsightsExceptionTelemetry();
app.UseMvc();
}
ASP。 NET核心控制器:
[EnableCors("CorsPolicy")]
[Produces("application/json")]
[Route("api/Authentication")]
public class AuthenticationController : Controller
{
private IUnitOfWork _unitOfWork;
public AuthenticationController(IUnitOfWork unitOfWork)
{
_unitOfWork = unitOfWork;
}
[HttpPost]
[Route("/api/login")]
public JsonResult Login([FromBody]LoginInfo loginInfo)
{
return Json(new { id_token = _unitOfWork.Users.CreateJwt(loginInfo) });
}
这里是角码:
@Injectable()
export class AuthenticationService {
private _currentAdminMode: boolean = false;
constructor(private _http: Http, private _config: ConfigurationService) {
}
public login(logInfo: LoginInfo): Observable<TokenContainer> {
var headers = new Headers();
headers.append('Content-Type', 'application/json');
//return an observable
return this._http.post(this._config.hostPrefix + '/api/login', JSON.stringify(logInfo), { headers: headers })
.map((response) => {
return <TokenContainer>(response.json());
});
}
是我得到在浏览器的控制台确切的错误是:
XMLHttpRequest cannot load http://localhost:34376/api/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. The response had HTTP status code 500.
请注意,我是从得到一个500错误POST请求。这似乎不像服务器在发生CORS问题时发送的错误。我认为这是另一回事,但是,所有这些代码都在单一域中工作,现在CORS出现了一些问题。无论如何,我已经阅读了一切,我可以找到,没有任何工作。我在想,这可能与WebAPI路线有关。
感谢您的帮助!
您向API发出请求时出现的确切错误是什么?你确定他们是CORS相关的吗? –
我从浏览器的控制台编辑了具有确切错误的问题。不知道问题出在哪里,我不知道如何进一步调试它。我已经在控制器操作方法上设置了一个断点,我可以告诉你我永远不会达到这个断点。谢谢! –
你能用邮递员或类似的应用程序登录吗? –