StudyGroup
/
CorsStudy
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

更新

Browse Source
master
bicijinlian 4 years ago
parent 931a55b888
commit 4690486b9c
5 changed files with 211 additions and 32 deletions
Show Stats Download Patch File Download Diff File

16
CorsServer/CorsServer.WebApi31/ApiConst.cs
Unescape Escape View File

@ -0,0 +1,16 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
namespace CorsServer.WebApi31
{
public class ApiConst
{
}
public class CorsPolicyNameConst
{
public const string DefaultPolicyName = "AllowAll";
}
}

5
CorsServer/CorsServer.WebApi31/Config/CorsOption.cs
Unescape Escape View File

@ -7,11 +7,6 @@ namespace CorsServer.WebApi31
{
public class CorsOption
{
/// <summary>
/// 策略名称
/// </summary>
public string PolicyName { get; set; }
/// <summary>
/// 允许跨域的域名列表
/// </summary>

4
CorsServer/CorsServer.WebApi31/Controllers/CorsController.cs
Unescape Escape View File

@ -15,7 +15,6 @@ namespace CorsServer.WebApi31.Controllers
{
public CorsController()
{
}
[HttpGet]
@ -26,9 +25,10 @@ namespace CorsServer.WebApi31.Controllers
return Ok(data);
}
[HttpGet]
[HttpOptions]
[EnableCors(Startup.CorsName)]
[EnableCors(CorsPolicyNameConst.DefaultPolicyName)]
public IActionResult HasCors()
{
var data = new { Code = 0, Messge = "单独明确可以跨域" };

207
CorsServer/CorsServer.WebApi31/Startup.cs
Unescape Escape View File

@ -10,13 +10,13 @@ using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
namespace CorsServer.WebApi31
{
public class Startup
{
public const string CorsName = "Any";
public Startup(IConfiguration configuration)
public Startup(IConfiguration configuration,IHostEnvironment hostingEnvironment,IWebHostEnvironment webHostEnvironment)
{
Configuration = configuration;
}
@ -26,18 +26,19 @@ namespace CorsServer.WebApi31
public void ConfigureServices(IServiceCollection services)
{
#region Config
services.Configure<CorsOption>();
services.Configure<CorsOption>(Configuration.GetSection("CORS"));
#endregion
#region CORS
AddCors_1(services);
AddCors_Test(services);
//AddCors_2(services);
//AddCors_3(services);
//AddCors_4(services);
//AddCors_5(services);
#endregion
services.AddControllers();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IOptionsSnapshot<CorsOption> corsOtionsSnapshot)
{
if (env.IsDevelopment())
{
@ -49,7 +50,7 @@ namespace CorsServer.WebApi31
app.UseRouting();
app.UseCors(CorsName);
app.UseCors(CorsPolicyNameConst.DefaultPolicyName);
app.UseAuthorization();
@ -59,30 +60,171 @@ namespace CorsServer.WebApi31
});
}
private IServiceCollection AddCors_1(IServiceCollection services)
/// <summary>
/// 全部设置项说明
/// </summary>
private IServiceCollection AddCors_Info(IServiceCollection services)
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsName, build =>
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build
//请求来源
.AllowAnyOrigin() //允许任何请求来源
//.WithOrigins() //允许指定请求来源
.SetIsOriginAllowed(_ => true) //使用Func<string bool> 委托方法,确定是否允许请求源跨域
.SetIsOriginAllowedToAllowWildcardSubdomains() //允许请求源中使用通配符(*等)
//请求方法(POST GET PUT DELETE OPTIONS等)
.AllowAnyMethod() //允许所有方法
//.WithMethods() //允许指定方法
//请求头
.AllowAnyHeader() //允许所有请求头
//.WithHeaders() //允许指定请求头
//凭据
.AllowCredentials() //允许凭据:证书中包含缓存(cookies)和HTTP验证协议(HTTP authentication schemes)
//.DisallowCredentials() //拒绝凭据
//.WithExposedHeaders() //设置暴露的自定义响应头(默认情况下,浏览器只会暴露默认的响应头给应用,其它自定义影响头不会暴露给应用程序)
;
/*
.net core 2.1, AllowAnyOrigin() AllowCredentials() 使
1使AllowCredentials().SetIsOriginAllowed(_ => true) AllowAnyOrigin()
2使AllowCredentials() WithOrigins()(使SetIsOriginAllowedToAllowWildcardSubdomains()) AllowAnyOrigin()
3
*/
});
});
return services;
}
/// <summary>
/// CORS 模板
/// </summary>
private IServiceCollection AddCors_Template(IServiceCollection services)
{
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build
//请求来源
.AllowAnyOrigin()
//.WithOrigins(corsOption.Origins.ToArray())
//.SetIsOriginAllowed(_ => true)
//.SetIsOriginAllowedToAllowWildcardSubdomains()
//请求方法(POST GET PUT DELETE OPTIONS等)
.AllowAnyMethod()
//.WithMethods(corsOption.Methods.ToArray())
//请求头
.AllowAnyHeader()
//.WithHeaders(corsOption.Headers.ToArray())
//凭据
//.AllowCredentials()
//.DisallowCredentials()
//.WithExposedHeaders()
;
});
});
return services;
}
/// <summary>
/// 测试
/// </summary>
private IServiceCollection AddCors_Test(IServiceCollection services)
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build
//请求来源
.AllowAnyOrigin()
//.WithOrigins()
//.SetIsOriginAllowed(_ => true)
//.SetIsOriginAllowedToAllowWildcardSubdomains()
//请求方法(POST GET PUT DELETE OPTIONS等)
.AllowAnyMethod()
//.WithMethods()
//请求头
.AllowAnyHeader()
.WithExposedHeaders("x-custom-error");
//.WithHeaders()
//凭据
//.AllowCredentials()
//.DisallowCredentials()
//.WithExposedHeaders()
;
});
});
return services;
}
private IServiceCollection AddCors_2(IServiceCollection services)
private IServiceCollection AddCors_Single(IServiceCollection services)
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build
//请求来源
.AllowAnyOrigin()
//.WithOrigins()
//.SetIsOriginAllowed(_ => true)
//.SetIsOriginAllowedToAllowWildcardSubdomains()
//请求方法(POST GET PUT DELETE OPTIONS等)
//.AllowAnyMethod()
//.WithMethods()
//请求头
//.AllowAnyHeader()
//.WithHeaders()
//凭据
//.AllowCredentials()
//.DisallowCredentials()
//.WithExposedHeaders()
;
});
});
return services;
}
private IServiceCollection AddCors_All(IServiceCollection services)
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsName, build =>
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error");
build
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
;
});
});
@ -92,12 +234,17 @@ namespace CorsServer.WebApi31
private IServiceCollection AddCors_3(IServiceCollection services)
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsName, build =>
{
build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error");
});
});
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build
.WithOrigins(corsOption.Origins.ToArray())
.WithMethods(corsOption.Methods.ToArray())
.WithHeaders(corsOption.Headers.ToArray())
.WithExposedHeaders(corsOption.ExposedHeaders.ToArray());
});
});
return services;
}
@ -106,12 +253,34 @@ namespace CorsServer.WebApi31
{
services.AddCors(setup =>
{
setup.AddPolicy(CorsName, build =>
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, build =>
{
build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error");
});
});
return services;
}
private IServiceCollection AddCors_5(IServiceCollection services)
{
services.AddCors(setup =>
{
var corsOption = services.BuildServiceProvider().GetRequiredService<IOptionsSnapshot<CorsOption>>().Value;
setup.AddPolicy(CorsPolicyNameConst.DefaultPolicyName, builder =>
{
builder
////.SetIsOriginAllowedToAllowWildcardSubdomains()
.WithOrigins("http://localhost:5002")
//.AllowAnyMethod()
////.WithMethods(corsOption.Methods.ToArray())
//.AllowAnyHeader()
////.WithHeaders(corsOption.Headers.ToArray())
////.WithExposedHeaders(corsOption.ExposedHeaders.ToArray())
;
});
});
return services;
}
}
}

9
CorsServer/CorsServer.WebApi31/appsettings.json
Unescape Escape View File

@ -1,11 +1,10 @@
{
"urls": "http://*:5000",
"CORS": {
"PolicyName": "",
"Origin": ["*"],
"Method": [ "*" ],
"Header": [ "*" ],
"ExposedHeaders": []
"Origins": ["*"],
"Methods": [ "*" ],
"Headers": [ "*" ],
"ExposedHeaders": ["x-custom-error"]
},
"Logging": {
"LogLevel": {

Write Preview
Loading…
Cancel
Save