StudyGroup
/
CorsStudy
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

开发更新

Browse Source
master
bicijinlian 4 years ago
parent fafa5ae02a
commit 0d0916ae44
8 changed files with 84 additions and 63 deletions
Show Stats Download Patch File Download Diff File

8
CorsClient/CorsClient/wwwroot/Index.html
Unescape Escape View File

@ -47,10 +47,10 @@
<body>
<div id="MenuLinks">
<ul>
<li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:5000/api/Test/Ping">简单API</li>
<li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:5000/api/Cors/Ping">全局跨域策略</li>
<li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:5000/api/Cors/NoCors">不允许跨域</li>
<li method="PUT" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:5000/api/Cors/HasCors">单独明确可以跨域</li>
<li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:7050/api/Test/Ping">简单API</li>
<li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:7050/api/Cors/Ping">全局跨域策略</li>
<li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:7050/api/Cors/NoCors">不允许跨域</li>
<li method="PUT" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:7050/api/Cors/HasCors">单独明确可以跨域</li>
</ul>
</div>
<pre id="ContentBox">

6
CorsServer/CorsServer.WebApi31/ApiConst.cs
Unescape Escape View File

@ -5,12 +5,10 @@ using System.Threading.Tasks;
namespace CorsServer.WebApi31
{
public class ApiConst
{
}
public class CorsPolicyNameConst
public class ApplicationConst
{
public const string DefaultPolicyName = "AllowAll";
public const string CorsConfigOptionName = "CorsOption";
}
}

2
CorsServer/CorsServer.WebApi31/Controllers/CorsController.cs
Unescape Escape View File

@ -38,7 +38,7 @@ namespace CorsServer.WebApi31.Controllers
[HttpDelete]
[HttpPatch]
[HttpOptions]
[EnableCors(CorsPolicyNameConst.DefaultPolicyName)]
[EnableCors(ApplicationConst.DefaultPolicyName)]
public IActionResult HasCors()
{
var data = new { Code = 0, Messge = "单独明确可以跨域" };

4
CorsServer/CorsServer.WebApi31/Properties/launchSettings.json
Unescape Escape View File

@ -4,7 +4,7 @@
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:40118",
"applicationUrl": "http://localhost:7050",
"sslPort": 0
}
},
@ -21,7 +21,7 @@
"commandName": "Project",
"launchBrowser": true,
"launchUrl": "api/Test/Ping",
"applicationUrl": "http://localhost:5000",
"applicationUrl": "http://localhost:7050",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}

70
CorsServer/CorsServer.WebApi31/Startup.cs
Unescape Escape View File

@ -26,10 +26,11 @@ namespace CorsServer.WebApi31
public void ConfigureServices(IServiceCollection services)
{
//Config
services.Configure<CorsOption>(Configuration.GetSection("CORS"));
services.Configure<CorsOption>(Configuration.GetSection(ApplicationConst.CorsConfigOptionName));
#region CORS
AddCors_Test(services);
AddCors_Config(services);
//AddCors_Test(services);
//AddCors_2(services);
//AddCors_3(services);
//AddCors_4(services);
@ -43,17 +44,49 @@ namespace CorsServer.WebApi31
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
//app.UseDatabaseErrorPage();
}
else
{
//app.UseExceptionHandler("/Error");
//app.UseHsts();
}
// app.UseHttpsRedirection();
#region 压缩和绑在静态文件
// app.UseResponseCompression();
// app.UseResponseCaching();
#endregion
//¸ù·¾¶£ºÈ«¾Ö·ÃÎÊÇ°ê¡ http://www.custom.com/PathBase/
//app.UsePathBase("/api/");
// app.UseStaticFiles();
// app.UseCookiePolicy();
// 根路径:全局访问前辍 http://www.custom.com/PathBase/
// app.UsePathBase("/api/");
app.UseRouting();
app.UseCors(CorsPolicyNameConst.DefaultPolicyName);
// app.UseRequestLocalization();
// UseRouting() 和 UseAuthentication()之间
// 中间件顺序 https://docs.microsoft.com/zh-cn/aspnet/core/fundamentals/middleware/?view=aspnetcore-6.0#middleware-order
app.UseCors(ApplicationConst.DefaultPolicyName);
//app.UseAuthentication();
app.UseAuthorization();
//请在 Cookie策略中间件之后和 MVC中间件之前调用会话中间件。
// app.UseSession();
// app.UseResponseCompression();
// app.UseResponseCaching();
//自定义中间件
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
@ -68,7 +101,7 @@ namespace CorsServer.WebApi31
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, build =>
{
build
@ -120,7 +153,7 @@ namespace CorsServer.WebApi31
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, build =>
{
build
@ -171,7 +204,7 @@ namespace CorsServer.WebApi31
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, build =>
{
build
@ -209,7 +242,7 @@ namespace CorsServer.WebApi31
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, build =>
{
build
@ -243,7 +276,7 @@ namespace CorsServer.WebApi31
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, build =>
{
build
.AllowAnyOrigin()
@ -261,7 +294,7 @@ namespace CorsServer.WebApi31
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, build =>
{
build
.WithOrigins(corsOption.Origins.ToArray())
@ -278,7 +311,7 @@ namespace CorsServer.WebApi31
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, build =>
{
build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error");
});
@ -291,7 +324,7 @@ namespace CorsServer.WebApi31
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, builder =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, builder =>
{
builder
////.SetIsOriginAllowedToAllowWildcardSubdomains()
@ -313,7 +346,7 @@ namespace CorsServer.WebApi31
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, builder =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, builder =>
{
if (corsOption.Origins == null)
{
@ -337,6 +370,10 @@ namespace CorsServer.WebApi31
{
builder.AllowAnyMethod();
}
else if (corsOption.Methods.Contains("*"))
{
builder.AllowAnyMethod();
}
else
{
builder.WithMethods(corsOption.Methods.ToArray());
@ -346,6 +383,11 @@ namespace CorsServer.WebApi31
{
builder.AllowAnyHeader();
}
else if (corsOption.Headers.Contains("*"))
{
builder.AllowAnyHeader();
}
else
{
builder.WithMethods(corsOption.Headers.ToArray());

10
CorsServer/CorsServer.WebApi31/StartupConfig.cs
Unescape Escape View File

@ -26,7 +26,7 @@ namespace CorsServer.WebApi31
public void ConfigureServices(IServiceCollection services)
{
//Config
services.Configure<CorsOption>(Configuration.GetSection("CORS"));
services.Configure<CorsOption>(Configuration.GetSection(ApplicationConst.CorsConfigOptionName));
//CorsÅäÖÃÎļþÑ¡Ïî
AddCors_Config(services);
@ -43,7 +43,7 @@ namespace CorsServer.WebApi31
app.UseRouting();
app.UseCors(CorsPolicyNameConst.DefaultPolicyName);
app.UseCors(ApplicationConst.DefaultPolicyName);
app.UseAuthorization();
@ -53,14 +53,12 @@ namespace CorsServer.WebApi31
});
}
#region 注册不同的Cors策略
private IServiceCollection AddCors_Config(IServiceCollection services)
{
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, builder =>
setup.AddPolicy(ApplicationConst.DefaultPolicyName, builder =>
{
if (corsOption.Origins == null)
{
@ -121,7 +119,5 @@ namespace CorsServer.WebApi31
return services;
}
#endregion
}
}

43
CorsServer/CorsServer.WebApi31/StartupDefaultPolicy.cs
Unescape Escape View File

@ -25,11 +25,20 @@ namespace CorsServer.WebApi31
public void ConfigureServices(IServiceCollection services)
{
//config
services.Configure<CorsOption>(Configuration.GetSection("CORS"));
//Cors
AddDefaultCors(services);
//ÉèÖÃĬÈϲßÂÔCors
services.AddCors(setupCors =>
{
//ĬÈϲßÂÔ
setupCors.AddDefaultPolicy(build =>
{
build
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.SetPreflightMaxAge(TimeSpan.FromMinutes(10))
;
});
});
services.AddControllers();
}
@ -41,9 +50,6 @@ namespace CorsServer.WebApi31
app.UseDeveloperExceptionPage();
}
//根路径:全局访问前辍 http://www.custom.com/PathBase/
//app.UsePathBase("/api/");
app.UseRouting();
app.UseCors();
@ -55,26 +61,5 @@ namespace CorsServer.WebApi31
endpoints.MapControllers();
});
}
/// <summary>
/// 设置默认策略Cors
/// </summary>
private IServiceCollection AddDefaultCors(IServiceCollection services)
{
services.AddCors(setupCors =>
{
setupCors.AddDefaultPolicy(build =>
{
build
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.SetPreflightMaxAge(TimeSpan.FromMinutes(10))
;
});
});
return services;
}
}
}

4
CorsServer/CorsServer.WebApi31/appsettings.json
Unescape Escape View File

@ -1,6 +1,6 @@
{
"urls": "http://*:5000",
"CORS": {
"urls": "http://*:7050",
"CorsOption": {
"Origins": ["*"],
"Methods": [ "*" ],
"Headers": [ "*" ],

Write Preview
Loading…
Cancel
Save