// Startup.ConfigureServices() method
// For example only, put these values in the appsettings.json so they could be overridden if you need it
var corsAllowAnyOrigin = false;
var corsAllowOrigins = new string[]{ "https://*.contoso.com", "https://api.contoso.com" };
// Configuring CORS module
services.AddCors(options =>
{
options.AddDefaultPolicy(
builder =>
{
if (apiConfiguration.CorsAllowAnyOrigin)
{
builder.AllowAnyOrigin();
}
else
{
builder.WithOrigins(apiConfiguration.CorsAllowOrigins);
}
builder.AllowAnyHeader();
builder.AllowAnyMethod();
});
});
1条答案
按热度按时间kwvwclae1#
要摆脱它,你必须列出所有允许发送请求到你的端点的来源。如果你正在运行ASP.NET核心应用程序,那么你必须像这样配置CORS中间件:
对于Web窗体应用程序,您可以安装IIS CORS模块,并在
web.config
文件中对其进行如下配置: