我有一個非常簡單的 ASP.NET core-webapi,我正試圖從我的客戶端訪問它。客戶端正在運行http://localhost:3000,而我的服務器正在運行https//localhost:7156。所以我添加了一個政策來接受來自以下的請求localhost:3000:
我的Program.cs:
var builder = WebApplication.CreateBuilder(args);
// basic otel instrumentalisation
builder.Services.AddOpenTelemetryTracing(svc =>
{
svc.AddSource(new[] { nameof(ServiceController), nameof(StressTestController), nameof(BoundaryPointsController), nameof(AaaServiceClient) }).
SetResourceBuilder(ResourceBuilder.CreateDefault().AddService(serviceName: svcName, serviceVersion: svcVersion)).
AddHttpClientInstrumentation().
AddAspNetCoreInstrumentation();
}).AddCors(options =>
{
options.AddDefaultPolicy(
builder =>
{
builder.WithOrigins("https://localhost:3000",
"http://localhost:3000",
"localhost:3000");
});
});
builder.Services.AddControllers();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
var app = builder.Build();
app.UseHttpsRedirection();
app.UseCors();
app.UseAuthorization();
app.MapControllers();
app.Run();
我的控制器:
[EnableCors]
[ApiController]
[Route("api/projectdb/[action]")]
public class LoadDataController : ControllerBase
{
[HttpPost, ActionName("load")]
public async Task<ActionResult> LoadData() { ... }
}
當我執行來自客戶的請求時,我收到 CORS 錯誤:
const response = await fetch(`https://localhost:7156/api/projectdb/load`, {
method: 'POST',
body: '{ }',
headers: {'Content-Type': 'application/json; charset=UTF-8'}
});
這是我得到的錯誤:
CORS 策略已阻止從源“http://localhost:3000”獲取“https://localhost:7156/api/projectdb/load”的訪問權限:Access-Control 不允許請求標頭欄位內容型別- 預檢回應中的允許標頭。
uj5u.com熱心網友回復:
錯誤訊息很重要:由于您請求的Content-Typeheader的值,您需要在 CORS 配置中明確允許該標頭:
// -snip-
.AddCors(options =>
options.AddDefaultPolicy(builder =>
builder.WithOrigins("http://localhost:3000")
.WithHeaders("Content-Type");
)
);
轉載請註明出處,本文鏈接:https://www.uj5u.com/net/431750.html