CORS(Cross-Origin Resource Sharing)是由W3C指定的标准,其目的是帮助在各个站点间的资源共享。实现跨域资源共享。
在.NETCore中,可以通过以下三种方式启用CORS
1.使用默认策略/命名策略的中间件的方式
1 private readonly string CORS_ALLOW_ORGINS = "cors_allow_orgins"; 2 3 public void ConfigureServices(IServiceCollection services) 4 { 5 services.AddCors(options => 6 { 7 options.AddPolicy(CORS_ALLOW_ORGINS, policy => 8 { 9 policy.WithOrigins("http://localhost:5500", "http://localhost:8099"); 10 }); 11 }); 12 services.AddControllers().AddJsonOptions(options => 13 { 14 options.JsonSerializerOptions.Converters.Add(new StringJsonConverter()); 15 }); 16 } 17 18 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. 19 public void Configure(IApplicationBuilder app, IWebHostEnvironment env) 20 { 21 if (env.IsDevelopment()) 22 { 23 app.UseDeveloperExceptionPage(); 24 } 25 app.UseRouting(); 26 app.UseCors(CORS_ALLOW_ORGINS); 27 app.UseAuthorization(); 28 app.UseEndpoints(endpoints => 29 { 30 endpoints.MapControllers(); 31 }); 32 }
2.终结点路由+命名策略
1 private readonly string CORS_ALLOW_ORGINS = "cors_allow_orgins"; 2 public void ConfigureServices(IServiceCollection services) 3 { 4 services.AddCors(options => 5 { 6 options.AddPolicy(CORS_ALLOW_ORGINS, policy => 7 { 8 policy.WithOrigins("http://localhost:5500", "http://localhost:8099"); 9 }); 10 }); 11 services.AddControllers().AddJsonOptions(options => 12 { 13 options.JsonSerializerOptions.Converters.Add(new StringJsonConverter()); 14 }); 15 } 16 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. 17 public void Configure(IApplicationBuilder app, IWebHostEnvironment env) 18 { 19 if (env.IsDevelopment()) 20 { 21 app.UseDeveloperExceptionPage(); 22 } 23 app.UseRouting(); 24 app.UseCors(); 25 app.UseAuthorization(); 26 app.UseEndpoints(endpoints => 27 { 28 endpoints.MapControllerRoute("weatherforecast", "{controller=WeatherForecast}/{action=Get}").RequireCors(CORS_ALLOW_ORGINS); 29 // endpoints.MapControllers(); 30 }); 31 }
3.命名策略+EnableCorsAttribute
1 public void ConfigureServices(IServiceCollection services) 2 { 3 services.AddCors(options => 4 { 5 options.AddPolicy("controller_cors", policy => 6 { 7 policy.WithOrigins("http://localhost:5500", "http://localhost:8099"); 8 }); 9 options.AddPolicy("action_cors", policy => 10 { 11 policy.WithOrigins("http://localhost:5500", "http://localhost:8099"); 12 }); 13 }); 14 services.AddControllers().AddJsonOptions(options => 15 { 16 options.JsonSerializerOptions.Converters.Add(new StringJsonConverter()); 17 }); 18 } 19 20 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. 21 public void Configure(IApplicationBuilder app, IWebHostEnvironment env) 22 { 23 if (env.IsDevelopment()) 24 { 25 app.UseDeveloperExceptionPage(); 26 } 27 app.UseRouting(); 28 app.UseCors(); 29 app.UseAuthorization(); 30 app.UseEndpoints(endpoints => 31 { 32 endpoints.MapControllers(); 33 }); 34 } 35 36 然后在相关的Controller和Action上面设置EnableCorsAttribute特性。