using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Http.Filters;
namespace Project1.Application.Web.API
{
public class CrossSiteAttribute: System.Web.Http.Filters.ActionFilterAttribute
{
//使用方法:
/*
在需要跨域的 action 增加[CrossSite]属性
例子:
[CrossSite]
[HttpPost]
public HttpResponseMessage GetData()
{
StringBuilder sb = new StringBuilder();
sb.AppendFormat(@" SELECT p.province as 'name',a.gaidu as 'value' FROM MapQueryDataBySheng a
INNER JOIN t_Province p ON a.areaid=p.id");
DataTable dt = SQLHelper.ExecDataTable(sb.ToString(), null);
string strJson = DataTableToJsonWithJsonNet(dt);
return new HttpResponseMessage { Content = new StringContent(strJson, Encoding.GetEncoding("UTF-8"), "application/json") };
}
*/
private const string Origin = "Origin";
/// <summary>
/// Access-Control-Allow-Origin是HTML5中定义的一种服务器端返回Response header,用来解决资源(比如字体)的跨域权限问题。
/// </summary>
private const string AccessControlAllowOrigin = "Access-Control-Allow-Origin";
/// <summary>
/// originHeaderdefault的值可以使 URL 或 *,如果是 URL 则只会允许来自该 URL 的请求,* 则允许任何域的请求
/// </summary>
private const string originHeaderdefault = "*";
/// <summary>
/// 该方法允许api支持跨域调用
/// </summary>
/// <param name="actionExecutedContext"> 初始化 System.Web.Http.Filters.HttpActionExecutedContext 类的新实例。</param>
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
if (actionExecutedContext != null)
{
actionExecutedContext.Response.Headers.Add(AccessControlAllowOrigin, originHeaderdefault);
}
}
}
}
