我是按照在web.api使CORS通常的步骤,却得到了一个404针对Chrome的OPTIONS请求,并在Firefox中,我得到Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.mydomain.com/api/1/widgets. This can be fixed by moving the resource to the same domain or enabling CORS.
404 web.api CORS OPTIONS
在我WebApiConfig。 CS我有:
var enableCorsAttribute = new EnableCorsAttribute("*", "*", "*");
config.EnableCors(enableCorsAttribute);
我也尝试添加EnableCors
属性特定控制器或行动,都具有相同的结果。
我还添加以下到我的web.config:
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
...
这里是我的javascript:
$.ajax({
url: 'https://api.mydomain.com/api/1/widgets',
type: "GET",
headers: {
Accept: "text/html; charset=utf-8",
Authorization: 'Bearer ???????????????????????????????'
}
});
但反应是在Chrome 404和“跨来源请求已屏蔽“在Firefox中。
这里是失败的请求的从我的Chrome开发者工具栏的详细信息:
Remote Address:??.???.???.???:443
Request URL:https://api.mydomain.com/api/1/widgets
Request Method:OPTIONS
Status Code:404 Not Found
请求
OPTIONS /api/1/widgets HTTP/1.1
Host: api.mydomain.com
Connection: keep-alive
Access-Control-Request-Method: GET
Origin: http://myotherdomain.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36
Access-Control-Request-Headers: accept, authorization
Accept: */*
Referer: http://myotherdomain.com/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-GB,en;q=0.8,en-US;q=0.6
响应
HTTP/1.1 404 Not Found
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: http://myotherdomain.com
Access-Control-Allow-Credentials: true
X-AspNetMvc-Version: 5.0
X-UA-Compatible: IE=edge,chrome=1
X-Frame-Options: SAMEORIGIN
Cache-conrol: no-store
Date: Thu, 28 Aug 2014 16:00:28 GMT
Content-Length: 341
我缺少什么?
感谢您的提示!在我的情况下,我使用'MapHttpRoute'配置了我的路由,并且'OPTION'动词由于'System.Web.Http.Routing.HttpMethodConstraint'而不被允许。 – kbarton0 2016-08-02 21:42:33
+5这已经花了我整整一天,终于赶上了它! – ibubi 2017-03-09 14:21:05