添加VS项目文件

CorsClient/CorsClient.sln

@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.31205.134
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CorsClient", "CorsClient\CorsClient.csproj", "{DA3A413A-C7EA-4B44-98AA-FDF6573A8B12}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{DA3A413A-C7EA-4B44-98AA-FDF6573A8B12}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{DA3A413A-C7EA-4B44-98AA-FDF6573A8B12}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{DA3A413A-C7EA-4B44-98AA-FDF6573A8B12}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{DA3A413A-C7EA-4B44-98AA-FDF6573A8B12}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {91750987-2B9F-4C9A-B65E-F322D83C33B3}
+	EndGlobalSection
+EndGlobal

CorsClient/CorsClient/CorsClient.csproj

@@ -0,0 +1,7 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp3.1</TargetFramework>
+  </PropertyGroup>
+
+</Project>

CorsClient/CorsClient/Program.cs

@@ -0,0 +1,28 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Policy;
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
+
+namespace CorsClient
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            CreateHostBuilder(args).Build().Run();
+        }
+
+        public static IHostBuilder CreateHostBuilder(string[] args) =>
+            Host.CreateDefaultBuilder(args)
+                .ConfigureWebHostDefaults(webBuilder =>
+                {
+                    webBuilder.UseStartup<Startup>();
+                });
+    }
+}

CorsClient/CorsClient/Properties/launchSettings.json

@@ -0,0 +1,28 @@
+{
+  "iisSettings": {
+    "windowsAuthentication": false, 
+    "anonymousAuthentication": true, 
+    "iisExpress": {
+      "applicationUrl": "http://localhost:39889",
+      "sslPort": 0
+    }
+  },
+  "profiles": {
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "CorsClient": {
+      "commandName": "Project",
+      "launchBrowser": true,
+      "applicationUrl": "http://localhost:5002",
+      "launchUrl": "Index.html",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

CorsClient/CorsClient/Startup.cs

@@ -0,0 +1,42 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+
+namespace CorsClient
+{
+    public class Startup
+    {
+        public void ConfigureServices(IServiceCollection services)
+        {
+        }
+
+        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
+        {
+            if (env.IsDevelopment())
+            {
+                app.UseDeveloperExceptionPage();
+            }
+
+            app.UsePathBase("/");
+            app.UseStaticFiles();
+
+
+            app.UseRouting();
+
+            app.UseEndpoints(endpoints =>
+            {
+                endpoints.MapGet("/", async context =>
+                {
+                    await context.Response.WriteAsync("Hello World!");
+                });
+            });
+        }
+    }
+}

CorsClient/CorsClient/appsettings.Development.json

@@ -0,0 +1,9 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft": "Warning",
+      "Microsoft.Hosting.Lifetime": "Information"
+    }
+  }
+}

CorsClient/CorsClient/appsettings.json

@@ -0,0 +1,11 @@
+{
+  "urls": "http://*:5002",
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft": "Warning",
+      "Microsoft.Hosting.Lifetime": "Information"
+    }
+  },
+  "AllowedHosts": "*"
+}

CorsClient/CorsClient/wwwroot/GetToken.html

@@ -0,0 +1,42 @@
+<html>
+    <head>
+        <title>demo</title>
+        <script src="Scripts/jquery-1.10.2.js"></script>
+        <script>
+            $(function () {
+                var token = "";
+                $.ajax({
+                    type: "POST",
+                    url: "http://47.102.46.73:8081/api/Account/Login",
+                    dataType: "json",
+                    contentType: "application/json",
+                    data: JSON.stringify({ "userName": "wanggaofeng", "userPassword": "213464", "project": "HAYY", "role": "", "clientType": 1 }),
+                    success: function (jsonData) {
+                        token = jsonData.data[0].token;
+                        $.ajax({
+                            type: "GET",
+                            url: "http://47.102.46.73:8081/api/Elevator/GetOverView?sys=5",
+                            dataType: "json",
+                            contentType: "application/json",
+                            //方法一
+                            headers: {},
+                            //方法二
+                            beforeSend: function (request) {
+                                request.setRequestHeader("Authorization", "Bearer " + token);
+                            },
+                            success: function (jsonData) {
+                                var text = JSON.stringify(jsonData);
+                                $("#JsonShow").html(text);
+                            }
+                        });
+                    }
+                });
+            });
+        </script>
+    </head>
+    <bod>
+        <div id="App">
+			<pre id="JsonShow"></pre>
+        </div>
+    </bod>
+</html>

CorsClient/CorsClient/wwwroot/Index.html

@@ -0,0 +1,60 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8" />
+    <title>iFrame Tab Demo</title>
+    <script type="text/javascript" src="Scripts/jquery-1.10.2.js"></script>
+    <script type="text/javascript" src="Scripts/jquery.cookie.js"></script>
+    <script>
+        $(function () {
+            $("#MenuLinks li").click(function () {
+                var ajaxUrl = $(this).attr("url");
+                var ajaxMethod = $(this).attr("method");
+                var ajaxContentType = $(this).attr("contentType");
+                $.ajax({
+                    //请求方法
+                    type: ajaxMethod,
+
+                    //请求地址
+                    url: ajaxUrl,
+
+                    //服务器返回类型
+                    dataType: "html",
+
+                    //发送类型
+                    contentType: ajaxContentType,
+
+                    //data: JSON.stringify({ "userName": "wanggaofeng", "userPassword": "213464" }),
+                    beforeSend: function (xhr) {
+                        $("#ContentBox").html("请求中...");
+                    },
+                    success: function (jsonData) {
+                        $("#ContentBox").html(jsonData);
+                    },
+                    error: function (xhr,status,error) {
+                        $("#ContentBox").html("请求错误" + error);
+                    },
+                    complete: function (xhr,status) {
+
+                    }
+                });
+            });
+
+            $("#MenuLinks li:first").click();
+        });
+    </script>
+</head>
+<body>
+    <div id="MenuLinks">
+        <ul>
+            <li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="http://localhost:5000/api/Test/Ping">简单API</li>
+            <li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="https://www.hao123.com">好123</li>
+            <li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="https://www.360.com">360</li>
+            <li method="GET" dataType="json" contentType="application/x-www-form-urlencoded" url="https://www.qq.com">QQ</li>
+        </ul>
+    </div>
+    <pre id="ContentBox">
+        默认内容
+    </pre>
+</body>
+</html>

CorsClient/CorsClient/wwwroot/JianHang.html

@@ -0,0 +1,54 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8" />
+    <title>iFrame Tab Demo</title>
+    <script type="text/javascript" src="Scripts/jquery-1.10.2.js"></script>
+    <script type="text/javascript" src="Scripts/jquery.cookie.js"></script>
+    <script>
+        $(function () {
+            var token = "";
+            $("#MenuLinks li").click(function () {
+                var ajaxUrl = $(this).attr("url");
+                $("#myframe").attr("src", ajaxUrl);
+            });
+
+            $("#LoinLinks li").click(function () {
+
+                $.ajax({
+                    type: "POST",
+                    url: "http://ys.jxing.com.cn:8081/jxserver/a/login",
+                    dataType: "html",
+                    contentType: "form-data",
+                    crossDomain: true,
+                    data: $({ "username": "admin", "password": "KlVIQnZmcjQ=" }).serialize(),
+                    success: function (jsonData) {
+                        //alert(jsonData);
+                    },
+                    error: function (jqXHR, textStatus, errorThrown) {
+                        alert("远程错误，状态：" + textStatus + " 错误信息：" + errorThrown);
+                    }
+                });
+            });
+        });
+    </script>
+</head>
+<body>
+    <div id="MenuLinks">
+        <ul>
+            <li url="http://ys.jxing.com.cn:8081/jxserver/a/equip/dbEquipList/typeIndex">建行科技:设备台帐</li>
+            <li url="https://www.hao123.com?yy=y4&xx=qqqqq">好123</li>
+            <li url="https://www.360.com">360</li>
+            <li url="https://www.qq.com">QQ</li>
+        </ul>
+    </div>
+    <div id="LoinLinks">
+        <ul>
+            <li url="">登陆建行</li>
+        </ul>
+    </div>
+    <div id="iframeContent">
+        <iframe id="myframe" width="100%" height="800" frameBorder="0" src="http://ys.jxing.com.cn:8081/jxserver/a/login" scrolling="yes" sandbox="allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts allow-top-navigation"></iframe>
+    </div>
+</body>
+</html>

CorsClient/CorsClient/wwwroot/OtherWebDemo.html

@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8" />
+    <title>iFrame Tab Demo</title>
+    <script type="text/javascript" src="Scripts/jquery-1.10.2.js"></script>
+    <script type="text/javascript" src="Scripts/jquery.cookie.js"></script>
+    <script>
+        $(function () {
+            $("#MenuLinks li").click(function () {
+                var ajaxUrl = $(this).attr("url");
+                $("#myframe").attr("src", ajaxUrl);
+            });
+
+            $("#MenuLinks li[set]").click();
+            $("#MenuLinks li:first").click();
+        });
+    </script>
+</head>
+<body>
+    <div id="MenuLinks">
+        <ul>
+            <li url="http://localhost:23025/Content.html">内容页</li>
+            <li url="https://www.hao123.com">好123</li>
+            <li url="https://www.360.com">360</li>
+            <li url="https://www.qq.com">QQ</li>
+            <li set="true" url="http://localhost:23025/SetCookie.html">设置Cookie</li>
+        </ul>
+    </div>
+    <div id="iframeContent">
+        <iframe id="myframe" width="100%" height="800" frameBorder="0" src="http://localhost:23025/Content.html" scrolling="yes"></iframe>
+    </div>
+</body>
+</html>

CorsClient/CorsClient/wwwroot/Scripts/jquery.cookie.js

@@ -0,0 +1,117 @@
+/*!
+ * jQuery Cookie Plugin v1.4.1
+ * https://github.com/carhartl/jquery-cookie
+ *
+ * Copyright 2013 Klaus Hartl
+ * Released under the MIT license
+ */
+(function (factory) {
+	if (typeof define === 'function' && define.amd) {
+		// AMD
+		define(['jquery'], factory);
+	} else if (typeof exports === 'object') {
+		// CommonJS
+		factory(require('jquery'));
+	} else {
+		// Browser globals
+		factory(jQuery);
+	}
+}(function ($) {
+
+	var pluses = /\+/g;
+
+	function encode(s) {
+		return config.raw ? s : encodeURIComponent(s);
+	}
+
+	function decode(s) {
+		return config.raw ? s : decodeURIComponent(s);
+	}
+
+	function stringifyCookieValue(value) {
+		return encode(config.json ? JSON.stringify(value) : String(value));
+	}
+
+	function parseCookieValue(s) {
+		if (s.indexOf('"') === 0) {
+			// This is a quoted cookie as according to RFC2068, unescape...
+			s = s.slice(1, -1).replace(/\\"/g, '"').replace(/\\\\/g, '\\');
+		}
+
+		try {
+			// Replace server-side written pluses with spaces.
+			// If we can't decode the cookie, ignore it, it's unusable.
+			// If we can't parse the cookie, ignore it, it's unusable.
+			s = decodeURIComponent(s.replace(pluses, ' '));
+			return config.json ? JSON.parse(s) : s;
+		} catch(e) {}
+	}
+
+	function read(s, converter) {
+		var value = config.raw ? s : parseCookieValue(s);
+		return $.isFunction(converter) ? converter(value) : value;
+	}
+
+	var config = $.cookie = function (key, value, options) {
+
+		// Write
+
+		if (value !== undefined && !$.isFunction(value)) {
+			options = $.extend({}, config.defaults, options);
+
+			if (typeof options.expires === 'number') {
+				var days = options.expires, t = options.expires = new Date();
+				t.setTime(+t + days * 864e+5);
+			}
+
+			return (document.cookie = [
+				encode(key), '=', stringifyCookieValue(value),
+				options.expires ? '; expires=' + options.expires.toUTCString() : '', // use expires attribute, max-age is not supported by IE
+				options.path    ? '; path=' + options.path : '',
+				options.domain  ? '; domain=' + options.domain : '',
+				options.secure  ? '; secure' : ''
+			].join(''));
+		}
+
+		// Read
+
+		var result = key ? undefined : {};
+
+		// To prevent the for loop in the first place assign an empty array
+		// in case there are no cookies at all. Also prevents odd result when
+		// calling $.cookie().
+		var cookies = document.cookie ? document.cookie.split('; ') : [];
+
+		for (var i = 0, l = cookies.length; i < l; i++) {
+			var parts = cookies[i].split('=');
+			var name = decode(parts.shift());
+			var cookie = parts.join('=');
+
+			if (key && key === name) {
+				// If second argument (value) is a function it's a converter...
+				result = read(cookie, value);
+				break;
+			}
+
+			// Prevent storing a cookie that we couldn't decode.
+			if (!key && (cookie = read(cookie)) !== undefined) {
+				result[name] = cookie;
+			}
+		}
+
+		return result;
+	};
+
+	config.defaults = {};
+
+	$.removeCookie = function (key, options) {
+		if ($.cookie(key) === undefined) {
+			return false;
+		}
+
+		// Must not alter options, thus extending a fresh object...
+		$.cookie(key, '', $.extend({}, options, { expires: -1 }));
+		return !$.cookie(key);
+	};
+
+}));

CorsClient/CorsClient/wwwroot/SetCookie.html

@@ -0,0 +1,78 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8" />
+    <title>设置登陆相关的Cookie</title>
+    
+</head>
+<body>
+    <div id="ShowBox">
+        正在设置登陆Cookie信息 ......
+    </div>
+    <script>
+        var cookie = {
+            set: function (key, val, time) {//设置cookie方法
+                var date = new Date(); //获取当前时间
+                var expiresDays = time;  //将date设置为n天以后的时间
+                date.setTime(date.getTime() + expiresDays * 24 * 3600 * 1000); //格式化为cookie识别的时间
+
+                //设置cookie
+                document.cookie = key + "=" + val + ";expires=" + date.toGMTString() + ";domain=47.103.96.35;path=/"; 
+
+                // https可以添加 SameSite=None;secure; 以完成iframe跨域cookie(非https单独设置SameSite=None无效) 如下
+                //document.cookie = key + "=" + val + ";expires=" + date.toGMTString() + ";domain=47.103.96.35;path=/;SameSite=None;secure;"; 
+            },
+            /*获取cookie参数*/
+            get: function (key) {//获取cookie方法
+                
+                var getCookie = document.cookie.replace(/[ ]/g, "");  //获取cookie，并且将获得的cookie格式化，去掉空格字符
+                var arrCookie = getCookie.split(";")  //将获得的cookie以"分号"为标识 将cookie保存到arrCookie的数组中
+                var tips;  //声明变量tips
+                for (var i = 0; i < arrCookie.length; i++) {   //使用for循环查找cookie中的tips变量
+                    var arr = arrCookie[i].split("=");   //将单条cookie用"等号"为标识，将单条cookie保存为arr数组
+                    if (key == arr[0]) {  //匹配变量名称，其中arr[0]是指的cookie名称，如果该条变量为tips则执行判断语句中的赋值操作
+                        tips = arr[1];   //将cookie的值赋给变量tips
+                        break;   //终止for循环遍历
+                    }
+                };
+                return tips;
+            },
+            delete: function (key) {//删除cookie方法
+                //获取当前时间      
+                var date = new Date();
+
+                //将date设置为过去的时间
+                date.setTime(date.getTime() - 10000);
+
+                //设置cookie     
+                document.cookie = key + "=v; expires =" + date.toGMTString();
+            }
+        };
+
+        function getUrlParam(name)
+        {
+            //构造一个含有目标参数的正则表达式对象
+            var reg = new RegExp("(^|&)" + name + "=([^&]*)(&|$)"); 
+
+             //匹配目标参数
+            var r = window.location.search.substr(1).match(reg); 
+
+            //返回参数值
+            if (r!=null) return unescape(r[2]); return null; 
+        };
+
+        //Url获取参数
+        var cookieInfo = { "AIOT_Project": "", "AIOT_Name": "", "AIOT_Token": "" };
+        cookieInfo.AIOT_Project = getUrlParam("AIOT_Project");
+        cookieInfo.AIOT_Name = getUrlParam("AIOT_Name");
+        cookieInfo.AIOT_Token = getUrlParam("AIOT_Token");
+
+        //写Cookie
+        cookie.set("AIOT_Project", cookieInfo.AIOT_Project, 1);
+        cookie.set("AIOT_Name", cookieInfo.AIOT_Name, 1);
+        cookie.set("AIOT_Token", cookieInfo.AIOT_Token, 1);
+
+        document.getElementById("ShowBox").innerHTML="设置登陆Cookie信息，完成！";
+    </script>
+</body>
+</html>

CorsServer/CorsServer.WebApi31/Controllers/TestController.cs

@@ -0,0 +1,28 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Cryptography.Xml;
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+
+namespace CorsServer.WebApi31.Controllers
+{
+    [Route("api/[controller]/[action]")]
+    [ApiController]
+    public class TestController : ControllerBase
+    {
+        public TestController()
+        { 
+        
+        }
+
+        [HttpGet]
+        public IActionResult Ping()
+        {
+            var data = new { Code=0,Message="Ok" };
+            return Ok(data);
+        }
+    }
+}

CorsServer/CorsServer.WebApi31/CorsServer.WebApi31.csproj

@@ -0,0 +1,8 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp3.1</TargetFramework>
+  </PropertyGroup>
+
+
+</Project>

CorsServer/CorsServer.WebApi31/Program.cs

@@ -0,0 +1,27 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
+
+namespace CorsServer.WebApi31
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            CreateHostBuilder(args).Build().Run();
+        }
+
+        public static IHostBuilder CreateHostBuilder(string[] args) =>
+            Host.CreateDefaultBuilder(args)
+                .ConfigureWebHostDefaults(webBuilder =>
+                {
+                    webBuilder.UseStartup<Startup>();
+                });
+    }
+}

CorsServer/CorsServer.WebApi31/Properties/launchSettings.json

@@ -0,0 +1,30 @@
+{
+  "$schema": "http://json.schemastore.org/launchsettings.json",
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:40118",
+      "sslPort": 0
+    }
+  },
+  "profiles": {
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "launchUrl": "api/Test/Ping",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "CorsServer.WebApi31": {
+      "commandName": "Project",
+      "launchBrowser": true,
+      "launchUrl": "api/Test/Ping",
+      "applicationUrl": "http://localhost:5000",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

CorsServer/CorsServer.WebApi31/Startup.cs

@@ -0,0 +1,60 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
+
+namespace CorsServer.WebApi31
+{
+    public class Startup
+    {
+        public const string CorsName = "Any";
+        public Startup(IConfiguration configuration)
+        {
+            Configuration = configuration;
+        }
+
+        public IConfiguration Configuration { get; }
+
+        public void ConfigureServices(IServiceCollection services)
+        {
+            services.AddCors(setup => 
+            {
+                setup.AddPolicy(CorsName, build => 
+                {
+                    build.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithExposedHeaders("x-custom-error");
+                });
+            });
+            services.AddControllers();
+        }
+
+        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
+        {
+            if (env.IsDevelopment())
+            {
+                app.UseDeveloperExceptionPage();
+            }
+
+            //¸ù·¾¶£ºÈ«¾Ö·ÃÎÊÇ°ê¡ http://www.custom.com/PathBase/
+            //app.UsePathBase("/api/");
+
+            app.UseRouting();
+
+            app.UseCors(CorsName);
+
+            app.UseAuthorization();
+
+            app.UseEndpoints(endpoints =>
+            {
+                endpoints.MapControllers();
+            });
+        }
+    }
+}

CorsServer/CorsServer.WebApi31/appsettings.Development.json

@@ -0,0 +1,9 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft": "Warning",
+      "Microsoft.Hosting.Lifetime": "Information"
+    }
+  }
+}

CorsServer/CorsServer.WebApi31/appsettings.json

@@ -0,0 +1,11 @@
+{
+  "urls": "http://*:5000",
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft": "Warning",
+      "Microsoft.Hosting.Lifetime": "Information"
+    }
+  },
+  "AllowedHosts": "*"
+}

CorsServer/CorsServer.sln

@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.31205.134
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CorsServer.WebApi31", "CorsServer.WebApi31\CorsServer.WebApi31.csproj", "{39D39858-F79E-4403-9336-9100A6D8AA3F}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{39D39858-F79E-4403-9336-9100A6D8AA3F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{39D39858-F79E-4403-9336-9100A6D8AA3F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{39D39858-F79E-4403-9336-9100A6D8AA3F}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{39D39858-F79E-4403-9336-9100A6D8AA3F}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {820CE1DE-4FF2-404B-AAC4-22AF0C4FDF43}
+	EndGlobalSection
+EndGlobal

说明.md

@@ -0,0 +1 @@
+# CORS 跨域
## 原理
> 客户端：浏览器请求时，请求头携带上 Origin 标签（只包含请求站点信息，不包含路径信息。比如 http://localhost:5002)，一般由浏览器或请求程序自动判断是否跨域而自动设置，无需人工参与，但是为了方便测试等，也可以强制添加。

> 服务端 ：asp.net core 设置CORS后，如果请求头携带有 Origin 标签，则在响应头中添加CORS标签（）明确浏览器可以跨域。

## 坑一：服务端设置好Cors后，直接访问、Swagger、PostMan等工具测试时，响应头中并不返回 Cors相关标头。