ASP.NET CORS

CORS(Cross-Origin Resource Sharing)是由W3C指定的标准,其目的是帮助在各个站点间的资源共享。实现跨域资源共享。
在.NETCore中,可以通过以下三种方式启用CORS
1.使用默认策略/命名策略的中间件的方式 

 1 private readonly string CORS_ALLOW_ORGINS = "cors_allow_orgins";
 2 
 3 public void ConfigureServices(IServiceCollection services)
 4 {
 5     services.AddCors(options =>
 6     {
 7         options.AddPolicy(CORS_ALLOW_ORGINS, policy =>
 8         {
 9             policy.WithOrigins("http://localhost:5500", "http://localhost:8099");
10         });
11     });
12     services.AddControllers().AddJsonOptions(options =>
13     {
14         options.JsonSerializerOptions.Converters.Add(new StringJsonConverter());
15     });
16 }
17 
18 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
19 public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
20 {
21     if (env.IsDevelopment())
22     {
23         app.UseDeveloperExceptionPage();
24     }
25     app.UseRouting();
26     app.UseCors(CORS_ALLOW_ORGINS);
27     app.UseAuthorization();
28     app.UseEndpoints(endpoints =>
29     {
30         endpoints.MapControllers();
31     });
32 }
使用命名策略的中间件的形式

2.终结点路由+命名策略

 1 private readonly string CORS_ALLOW_ORGINS = "cors_allow_orgins";
 2 public void ConfigureServices(IServiceCollection services)
 3 {
 4     services.AddCors(options =>
 5     {
 6         options.AddPolicy(CORS_ALLOW_ORGINS, policy =>
 7         {
 8             policy.WithOrigins("http://localhost:5500", "http://localhost:8099");
 9         });
10     });
11     services.AddControllers().AddJsonOptions(options =>
12     {
13         options.JsonSerializerOptions.Converters.Add(new StringJsonConverter());
14     });
15 }
16 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
17 public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
18 {
19     if (env.IsDevelopment())
20     {
21         app.UseDeveloperExceptionPage();
22     }
23     app.UseRouting();
24     app.UseCors();
25     app.UseAuthorization();
26     app.UseEndpoints(endpoints =>
27     {
28         endpoints.MapControllerRoute("weatherforecast", "{controller=WeatherForecast}/{action=Get}").RequireCors(CORS_ALLOW_ORGINS);
29         // endpoints.MapControllers();
30     });
31 }
使用命名策略+终结点路由的形式

3.命名策略+EnableCorsAttribute

 1 public void ConfigureServices(IServiceCollection services)
 2 {
 3     services.AddCors(options =>
 4     {
 5         options.AddPolicy("controller_cors", policy =>
 6         {
 7             policy.WithOrigins("http://localhost:5500", "http://localhost:8099");
 8         });
 9         options.AddPolicy("action_cors", policy =>
10         {
11             policy.WithOrigins("http://localhost:5500", "http://localhost:8099");
12         });
13     });
14     services.AddControllers().AddJsonOptions(options =>
15     {
16         options.JsonSerializerOptions.Converters.Add(new StringJsonConverter());
17     });
18 }
19 
20 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
21 public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
22 {
23     if (env.IsDevelopment())
24     {
25         app.UseDeveloperExceptionPage();
26     }
27     app.UseRouting();
28     app.UseCors();
29     app.UseAuthorization();
30     app.UseEndpoints(endpoints =>
31     {
32         endpoints.MapControllers();
33     });
34 }
35 
36 然后在相关的Controller和Action上面设置EnableCorsAttribute特性。
命名策略+EnableCorsAttribute

 

posted @ 2020-07-30 16:36  落落落落码  阅读(188)  评论(0编辑  收藏  举报