// 1.跨域配置 注册策略 services.AddCors(options => { options.AddPolicy("CorsPolicy", builder => { builder.SetIsOriginAllowed((x) => true) .AllowAnyOrigin() .AllowAnyHeader() .AllowAnyMethod(); });
});
// 2. 添加使用注册的策略 app.UseCors("CorsPolicy");
第二种 方式:添加自定义中间件进行配置
1. 添加中间件
/// <summary> /// /自定义跨域配置中间件 /// </summary> public class OptionsMiddleware { private readonly RequestDelegate _next; public OptionsMiddleware(RequestDelegate next) { _next = next; } public Task Invoke(HttpContext context) { return BeginInvoke(context); } private Task BeginInvoke(HttpContext context) { if (context.Request.Method == "OPTIONS") { context.Response.Headers.Add("Access-Control-Allow-Origin", new[] { (string)context.Request.Headers["Origin"] }); context.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Origin, X-Requested-With, Content-Type, Accept" }); context.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "GET, POST, PUT, DELETE, OPTIONS" }); context.Response.Headers.Add("Access-Control-Allow-Credentials", new[] { "true" }); context.Response.StatusCode = 200; return context.Response.WriteAsync("OK"); } return _next.Invoke(context); } } public static class OptionsMiddlewareExtensions { public static IApplicationBuilder UseOptions(this IApplicationBuilder builder) { return builder.UseMiddleware<OptionsMiddleware>(); } }2. 使用 app.UseOptions();
注意:
测试环境 /app.UseHttpsRedirection(); 必须注释掉不然 跳转404 前端会出现跨域错误
添加中间件 OptionsMiddleware 跨域设置调用 UseCors 扩展方法并指定 _myAllowSpecificOrigins CORS 策略。 UseCors添加 CORS 中间件。 必须将对的调用 UseCors 置于之后 UseRouting 但在之前 UseAuthorization
官方参考文档:
https://docs.microsoft.com/zh-cn/aspnet/core/security/cors?view=aspnetcore-3.1
