StudyGroup
/
CorsStudy
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

更新

Browse Source
master
bicijinlian 4 years ago
parent 931a55b888
commit 4690486b9c
5 changed files with 211 additions and 32 deletions
Show Stats Download Patch File Download Diff File

16
CorsServer/CorsServer.WebApi31/ApiConst.cs
Unescape Escape View File

@ -0,0 +1,16 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
namespace CorsServer.WebApi31
{
public class ApiConst
{
}
public class CorsPolicyNameConst
{
public const string DefaultPolicyName = "AllowAll";
}
}

5
CorsServer/CorsServer.WebApi31/Config/CorsOption.cs
Unescape Escape View File

@ -7,11 +7,6 @@ namespace CorsServer.WebApi31
{ {
public class CorsOption public class CorsOption
{ {
/// <summary>
/// 策略名称
/// </summary>
public string PolicyName { get; set; }
/// <summary> /// <summary>
/// 允许跨域的域名列表 /// 允许跨域的域名列表
/// </summary> /// </summary>

6
CorsServer/CorsServer.WebApi31/Controllers/CorsController.cs
Unescape Escape View File

@ -14,8 +14,7 @@ namespace CorsServer.WebApi31.Controllers
public class CorsController : ControllerBase public class CorsController : ControllerBase
{ {
public CorsController() public CorsController()
{ {
} }
[HttpGet] [HttpGet]
@ -26,9 +25,10 @@ namespace CorsServer.WebApi31.Controllers
return Ok(data); return Ok(data);
} }
[HttpGet] [HttpGet]
[HttpOptions] [HttpOptions]
[EnableCors(Startup.CorsName)] [EnableCors(CorsPolicyNameConst.DefaultPolicyName)]
public IActionResult HasCors() public IActionResult HasCors()
{ {
var data = new { Code = 0, Messge = "单独明确可以跨域" }; var data = new { Code = 0, Messge = "单独明确可以跨域" };

207
CorsServer/CorsServer.WebApi31/Startup.cs
Unescape Escape View File

@ -10,13 +10,13 @@ using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting; using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
namespace CorsServer.WebApi31 namespace CorsServer.WebApi31
{ {
public class Startup public class Startup
{ {
public const string CorsName = "Any"; public Startup(IConfiguration configuration,IHostEnvironment hostingEnvironment,IWebHostEnvironment webHostEnvironment)
public Startup(IConfiguration configuration)
{ {
Configuration = configuration; Configuration = configuration;
} }
@ -26,18 +26,19 @@ namespace CorsServer.WebApi31
public void ConfigureServices(IServiceCollection services) public void ConfigureServices(IServiceCollection services)
{ {
#region Config #region Config
services.Configure<CorsOption>(); services.Configure<CorsOption>(Configuration.GetSection("CORS"));
#endregion #endregion
#region CORS #region CORS
AddCors_1(services); AddCors_Test(services);
//AddCors_2(services); //AddCors_2(services);
//AddCors_3(services); //AddCors_3(services);
//AddCors_4(services); //AddCors_4(services);
//AddCors_5(services);
#endregion #endregion
services.AddControllers(); services.AddControllers();
} }
public void Configure(IApplicationBuilder app, IWebHostEnvironment env) public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IOptionsSnapshot<CorsOption> corsOtionsSnapshot)
{ {
if (env.IsDevelopment()) if (env.IsDevelopment())
{ {
@ -49,7 +50,7 @@ namespace CorsServer.WebApi31
app.UseRouting(); app.UseRouting();
app.UseCors(CorsName); app.UseCors(CorsPolicyNameConst.DefaultPolicyName);
app.UseAuthorization(); app.UseAuthorization();
@ -59,30 +60,171 @@ namespace CorsServer.WebApi31
}); });
} }
private IServiceCollection AddCors_1(IServiceCollection services) /// <summary>
/// 全部设置项说明
/// </summary>
private IServiceCollection AddCors_Info(IServiceCollection services)
{ {
services.AddCors(setup => services.AddCors(setup =>
{ {
setup.AddPolicy(CorsName, build => setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{ {
build build
//请求来源
.AllowAnyOrigin() //允许任何请求来源
//.WithOrigins() //允许指定请求来源
.SetIsOriginAllowed(_ => true) //使用Func<string bool> 委托方法,确定是否允许请求源跨域
.SetIsOriginAllowedToAllowWildcardSubdomains() //允许请求源中使用通配符(*等)
//请求方法(POST GET PUT DELETE OPTIONS等)
.AllowAnyMethod() //允许所有方法
//.WithMethods() //允许指定方法
//请求头
.AllowAnyHeader() //允许所有请求头
//.WithHeaders() //允许指定请求头
//凭据
.AllowCredentials() //允许凭据:证书中包含缓存(cookies)和HTTP验证协议(HTTP authentication schemes)
//.DisallowCredentials() //拒绝凭据
//.WithExposedHeaders() //设置暴露的自定义响应头(默认情况下,浏览器只会暴露默认的响应头给应用,其它自定义影响头不会暴露给应用程序)
;
/*
.net core 2.1, AllowAnyOrigin() AllowCredentials() 使
1使AllowCredentials().SetIsOriginAllowed(_ => true) AllowAnyOrigin()
2使AllowCredentials() WithOrigins()(使SetIsOriginAllowedToAllowWildcardSubdomains()) AllowAnyOrigin()
3
*/
});
});
return services;
}
/// <summary>
/// CORS 模板
/// </summary>
private IServiceCollection AddCors_Template(IServiceCollection services)
{
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build
//请求来源
.AllowAnyOrigin() .AllowAnyOrigin()
//.WithOrigins(corsOption.Origins.ToArray())
//.SetIsOriginAllowed(_ => true)
//.SetIsOriginAllowedToAllowWildcardSubdomains()
//请求方法(POST GET PUT DELETE OPTIONS等)
.AllowAnyMethod() .AllowAnyMethod()
//.WithMethods(corsOption.Methods.ToArray())
//请求头
.AllowAnyHeader() .AllowAnyHeader()
.WithExposedHeaders("x-custom-error"); //.WithHeaders(corsOption.Headers.ToArray())
//凭据
//.AllowCredentials()
//.DisallowCredentials()
//.WithExposedHeaders()
;
}); });
}); });
return services; return services;
} }
private IServiceCollection AddCors_2(IServiceCollection services) /// <summary>
/// 测试
/// </summary>
private IServiceCollection AddCors_Test(IServiceCollection services)
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build
//请求来源
.AllowAnyOrigin()
//.WithOrigins()
//.SetIsOriginAllowed(_ => true)
//.SetIsOriginAllowedToAllowWildcardSubdomains()
//请求方法(POST GET PUT DELETE OPTIONS等)
.AllowAnyMethod()
//.WithMethods()
//请求头
.AllowAnyHeader()
//.WithHeaders()
//凭据
//.AllowCredentials()
//.DisallowCredentials()
//.WithExposedHeaders()
;
});
});
return services;
}
private IServiceCollection AddCors_Single(IServiceCollection services)
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build
//请求来源
.AllowAnyOrigin()
//.WithOrigins()
//.SetIsOriginAllowed(_ => true)
//.SetIsOriginAllowedToAllowWildcardSubdomains()
//请求方法(POST GET PUT DELETE OPTIONS等)
//.AllowAnyMethod()
//.WithMethods()
//请求头
//.AllowAnyHeader()
//.WithHeaders()
//凭据
//.AllowCredentials()
//.DisallowCredentials()
//.WithExposedHeaders()
;
});
});
return services;
}
private IServiceCollection AddCors_All(IServiceCollection services)
{ {
services.AddCors(setup => services.AddCors(setup =>
{ {
setup.AddPolicy(CorsName, build => setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{ {
build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error"); build
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
;
}); });
}); });
@ -92,12 +234,17 @@ namespace CorsServer.WebApi31
private IServiceCollection AddCors_3(IServiceCollection services) private IServiceCollection AddCors_3(IServiceCollection services)
{ {
services.AddCors(setup => services.AddCors(setup =>
{ {
setup.AddPolicy(CorsName, build => var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
{ setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error"); {
}); build
}); .WithOrigins(corsOption.Origins.ToArray())
.WithMethods(corsOption.Methods.ToArray())
.WithHeaders(corsOption.Headers.ToArray())
.WithExposedHeaders(corsOption.ExposedHeaders.ToArray());
});
});
return services; return services;
} }
@ -106,12 +253,34 @@ namespace CorsServer.WebApi31
{ {
services.AddCors(setup => services.AddCors(setup =>
{ {
setup.AddPolicy(CorsName, build => setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{ {
build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error"); build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error");
}); });
}); });
return services; return services;
} }
private IServiceCollection AddCors_5(IServiceCollection services)
{
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, builder =>
{
builder
////.SetIsOriginAllowedToAllowWildcardSubdomains()
.WithOrigins("http://localhost:5002")
//.AllowAnyMethod()
////.WithMethods(corsOption.Methods.ToArray())
//.AllowAnyHeader()
////.WithHeaders(corsOption.Headers.ToArray())
////.WithExposedHeaders(corsOption.ExposedHeaders.ToArray())
;
});
});
return services;
}
} }
} }

9
CorsServer/CorsServer.WebApi31/appsettings.json
Unescape Escape View File

@ -1,11 +1,10 @@
{ {
"urls": "http://*:5000", "urls": "http://*:5000",
"CORS": { "CORS": {
"PolicyName": "", "Origins": ["*"],
"Origin": ["*"], "Methods": [ "*" ],
"Method": [ "*" ], "Headers": [ "*" ],
"Header": [ "*" ], "ExposedHeaders": ["x-custom-error"]
"ExposedHeaders": []
}, },
"Logging": { "Logging": {
"LogLevel": { "LogLevel": {

Write Preview
Loading…
Cancel
Save