asp.net跨域处理
2017-01-20 15:54
127 查看
一、asp.net web form 跨域处理
public static void CorsRequest(HttpContext context)
{
System.Collections.Generic.List<string> lHost = new System.Collections.Generic.List<string>();
#region 添加允许跨域请求的域名列表
lHost.Add("http://register.huacenav.com:6002");
lHost.Add("www.xxx.com");
lHost.Add("www.abc.com");
lHost.Add("abc.com");
#endregion
string host = context.Request.UrlReferrer == null ? "" : context.Request.UrlReferrer.Host + ":" + context.Request.UrlReferrer.Port;//获取从哪个域名发送的ajax请求本页面 或者是直接访问
if (lHost.Contains(host))
{ //在允许的域名列表里面才添加Access-Control-Allow-Origin响应头
context.Response.AddHeader("Access-Control-Allow-Origin", "http://" + host);
}
context.Response.AddHeader("Access-Control-Allow-Origin", "http://" + host);
}
二、WebAPI跨域处理
public class CorsHandler : DelegatingHandler
{
const string Origin = "Origin"; const string AccessControlRequestMethod = "Access-Control-Request-Method";
const string AccessControlRequestHeaders = "Access-Control-Request-Headers";
const string AccessControlAllowOrigin = "Access-Control-Allow-Origin";
const string AccessControlAllowMethods = "Access-Control-Allow-Methods";
const string AccessControlAllowHeaders = "Access-Control-Allow-Headers";
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
bool isCorsRequest = request.Headers.Contains(Origin);
bool isPreflightRequest = request.Method == HttpMethod.Options;
if (isCorsRequest)
{
if (isPreflightRequest)
{
return Task.Factory.StartNew<HttpResponseMessage>(() =>
{
HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.OK);
response.Headers.Add(AccessControlAllowOrigin, request.Headers.GetValues(Origin).First());
string accessControlRequestMethod = request.Headers.GetValues(AccessControlRequestMethod).FirstOrDefault();
if (accessControlRequestMethod != null)
{
response.Headers.Add(AccessControlAllowMethods, accessControlRequestMethod);
}
string requestedHeaders = string.Join(", ", request.Headers.GetValues(AccessControlRequestHeaders));
if (!string.IsNullOrEmpty(requestedHeaders))
{
response.Headers.Add(AccessControlAllowHeaders, requestedHeaders);
}
return response;
}
, cancellationToken);
}
else { return base.SendAsync(request, cancellationToken).ContinueWith<HttpResponseMessage>(t => { HttpResponseMessage resp = t.Result; resp.Headers.Add(AccessControlAllowOrigin,
request.Headers.GetValues(Origin).First()); return resp; }); }
}
else { return base.SendAsync(request, cancellationToken); }
}
}
在global.asax中注册: GlobalConfiguration.Configuration.MessageHandlers.Add(new CorsHandler());//跨域处理
public static void CorsRequest(HttpContext context)
{
System.Collections.Generic.List<string> lHost = new System.Collections.Generic.List<string>();
#region 添加允许跨域请求的域名列表
lHost.Add("http://register.huacenav.com:6002");
lHost.Add("www.xxx.com");
lHost.Add("www.abc.com");
lHost.Add("abc.com");
#endregion
string host = context.Request.UrlReferrer == null ? "" : context.Request.UrlReferrer.Host + ":" + context.Request.UrlReferrer.Port;//获取从哪个域名发送的ajax请求本页面 或者是直接访问
if (lHost.Contains(host))
{ //在允许的域名列表里面才添加Access-Control-Allow-Origin响应头
context.Response.AddHeader("Access-Control-Allow-Origin", "http://" + host);
}
context.Response.AddHeader("Access-Control-Allow-Origin", "http://" + host);
}
二、WebAPI跨域处理
public class CorsHandler : DelegatingHandler
{
const string Origin = "Origin"; const string AccessControlRequestMethod = "Access-Control-Request-Method";
const string AccessControlRequestHeaders = "Access-Control-Request-Headers";
const string AccessControlAllowOrigin = "Access-Control-Allow-Origin";
const string AccessControlAllowMethods = "Access-Control-Allow-Methods";
const string AccessControlAllowHeaders = "Access-Control-Allow-Headers";
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
bool isCorsRequest = request.Headers.Contains(Origin);
bool isPreflightRequest = request.Method == HttpMethod.Options;
if (isCorsRequest)
{
if (isPreflightRequest)
{
return Task.Factory.StartNew<HttpResponseMessage>(() =>
{
HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.OK);
response.Headers.Add(AccessControlAllowOrigin, request.Headers.GetValues(Origin).First());
string accessControlRequestMethod = request.Headers.GetValues(AccessControlRequestMethod).FirstOrDefault();
if (accessControlRequestMethod != null)
{
response.Headers.Add(AccessControlAllowMethods, accessControlRequestMethod);
}
string requestedHeaders = string.Join(", ", request.Headers.GetValues(AccessControlRequestHeaders));
if (!string.IsNullOrEmpty(requestedHeaders))
{
response.Headers.Add(AccessControlAllowHeaders, requestedHeaders);
}
return response;
}
, cancellationToken);
}
else { return base.SendAsync(request, cancellationToken).ContinueWith<HttpResponseMessage>(t => { HttpResponseMessage resp = t.Result; resp.Headers.Add(AccessControlAllowOrigin,
request.Headers.GetValues(Origin).First()); return resp; }); }
}
else { return base.SendAsync(request, cancellationToken); }
}
}
在global.asax中注册: GlobalConfiguration.Configuration.MessageHandlers.Add(new CorsHandler());//跨域处理
相关文章推荐
- Asp.Net Core WebAPI入门整理(三)跨域处理
- ASPNETCOREAPI 跨域处理 SQL 语句拼接 多条件分页查询 ASPNET CORE 核心 通过依赖注入(注入服务)
- AspNetCoreApi 跨域处理
- ASP.NET图象处理详解
- ASP.NET中的事务处理和异常处理
- ASP.NET Core中使用GraphQL - 第八章 在GraphQL中处理一对多关系
- Asp.Net运行时对象生成过程以及HttpHandler和HttpModule的处理过程。
- 在ASP.NET中处理 datetime 的一些通用函数(vb)
- ASP.NET中的事务处理和异常处理
- ASP.NET中的事务处理和异常处理
- 关于ASP.Net中的时间处理
- [导入]ASP.NET中的事务处理和异常处理
- 从ASP.NET数据库某字段为空时的处理所衍生出来的思考
- ASP.Net中自定义Http处理及应用之HttpModule篇
- ASP.Net中自定义Http处理及应用之HttpModule篇
- ASP.NET中DataGrid分页处理的难题
- Asp.net开发心得点滴[动态加载的用户控件使用事件委托,交给页面处理的事件无效问题]
- ASP.NET中的事务处理和异常处理
- ASP.NET错误处理(一)摘自MSDN
- ASP.net中异常处理步骤