惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
SegmentFault 最新的问题
Spread Privacy
Spread Privacy
Google DeepMind News
Google DeepMind News
WordPress大学
WordPress大学
Blog — PlanetScale
Blog — PlanetScale
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Apple Machine Learning Research
Apple Machine Learning Research
SecWiki News
SecWiki News
腾讯CDC
P
Privacy International News Feed
Webroot Blog
Webroot Blog
J
Java Code Geeks
爱范儿
爱范儿
A
About on SuperTechFans
S
Secure Thoughts
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
D
DataBreaches.Net
Cloudbric
Cloudbric
Security Archives - TechRepublic
Security Archives - TechRepublic
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
C
Cyber Attacks, Cyber Crime and Cyber Security
P
Proofpoint News Feed
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Security Latest
Security Latest
Forbes - Security
Forbes - Security
小众软件
小众软件
www.infosecurity-magazine.com
www.infosecurity-magazine.com
C
Cybersecurity and Infrastructure Security Agency CISA
T
Threatpost
量子位
MongoDB | Blog
MongoDB | Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
月光博客
月光博客
W
WeLiveSecurity
P
Privacy & Cybersecurity Law Blog
Vercel News
Vercel News
Google Online Security Blog
Google Online Security Blog
云风的 BLOG
云风的 BLOG
GbyAI
GbyAI
S
Security @ Cisco Blogs
T
The Exploit Database - CXSecurity.com
Help Net Security
Help Net Security
V
Visual Studio Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - 聂微东
P
Proofpoint News Feed
C
CERT Recently Published Vulnerability Notes
Attack and Defense Labs
Attack and Defense Labs

博客园 - 佛西亚

https访问 asp.net Core上传文件 .NET Framework 4.0 DLL注册GAC 使用iText 7读取PDF文件中的文本和图片 用SQL Server Profiler跟踪AX执行的SQL语句 D365升级包 Ant Design Pro V5 + Django Restful Framework Token认证前台实现 Ant Design Pro V5 + Django Restful Framework Token认证后台实现(二) Ant Design Pro V5 + Django Restful Framework Token认证后台实现(一) D365 FO产生随机字符串 D365 FO Array增加排序 D365 FO无法命中断点 Ant Design Pro V5 开发时使用后台服务数据 同步数据库报错 DataEntity增加关联DataSource Java通过代理上传文件到Azure blob 使用iText7操作PDF D365 FO Json序列化和反序列化 D365 FO操作Azure Blob
JavaScript跨域访问
佛西亚 · 2020-11-18 · via 博客园 - 佛西亚

通过fetch访问后台C# Restful服务的时候,如果需要跨域,后台服务要设置支持CORS,否则会报错。

如果站点通过web服务器发布,会报如下错误:
Access to fetch at 'http://192.168.100.2:8080/Services/someAddress' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
如果是通过本地文件系统直接访问,没有把文件放到web服务器上,错误如下
Access to fetch at 'http://192.168.100.2:8080/Services/someAddress' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
可以通过两种方式设置C# Restful WCF Services支持CORS.

1.修改web.config文件

在congfiguration中增加下面的节点,在Configuration里增加Access-Control-Allow-Origin等设置。

<?xml version="1.0"?>
<configuration>  
  <system.serviceModel>         
    <behaviors>
      <endpointBehaviors>
        <behavior name="web">
          <webHttp/>
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <services>
      <service name="AXServices.MobileTransfer">
        <endpoint address="" binding="webHttpBinding" contract="AXServices.MobileTransfer" behaviorConfiguration="web"/>
      </service>
    </services>
  </system.serviceModel>
  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*"/>
        <add name="Access-Control-Allow-Headers" value="Content-Type, Accept" />
        <add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS" />
        <add name="Access-Control-Max-Age" value="1728000" />
      </customHeaders>
    </httpProtocol>
  </system.webServer>
</configuration>

不过这种设置对于直接通过文件系统访问的时候不起作用,尝试将Access-Control-Allow-Origin的节点设置成null也没作用,不知道哪里还需要设置,暂时没找到设置的方法,或者这个方法不支持从本地文件发起的访问。
通过web服务器的URL访问可以正常使用。
2.增加Global.asax和Global.asax.cs文件

在Global.asax.cs增加如下代码

protected void Application_BeginRequest(object sender, EventArgs e)
        {
            HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
            if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
            {
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "POST, PUT, DELETE");

                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");
                HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
                HttpContext.Current.Response.End();
            }
        }

这种方法无论 通过web服务器还是文件访问都可以,将两个文件放到Services目录。

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。