CORS:凭据模式为'include‘

link之家

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

体贴的麦片 · 为了彻底撕掉千百年来的贫困标签· 10 月前 ·

重情义的数据线 · 【图片】钢铁雄心4 DLC ...· 10 月前 ·

豁达的木耳 · 火焰纹章英雄中怎么抽卡最好具体介绍_九游手机游戏· 10 月前 ·

暗恋学妹的煎鸡蛋 · 曾经的不毛之地，现在的蓝色海湾_中华人民共和 ...· 1 年前 ·

沉着的汉堡包 · LOFTER官方新版本-安卓iOS版下载-应 ...· 1 年前 ·

腾讯云

开发者社区

文档意见反馈控制台

首页 TVP

文章/答案/技术大牛

发布

public static class WebApiConfig
    public static void Register(HttpConfiguration config)
        EnableCrossSiteRequests(config);
    private static void EnableCrossSiteRequests(HttpConfiguration config)
        var cors = new EnableCorsAttribute("*", "*", "*")
            SupportsCredentials = true
        config.EnableCors(cors);
}

public void Configuration(IAppBuilder app)
    HttpConfiguration config = new HttpConfiguration();
    ConfigureOAuth(app);
    WebApiConfig.Register(config);
    app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
    app.UseWebApi(config);
}

constructor(public http: HttpClient) {
public get(url: string = ''): Observable<any> {
    return this.http.get(url, { withCredentials: true });
}

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        // This Origin header you can see that in Network tab
        configuration.setAllowedOrigins(Arrays.asList("http:/url_1", "http:/url_2")); 
        configuration.setAllowedMethods(Arrays.asList("GET","POST"));
        configuration.setAllowedHeaders(Arrays.asList("content-type"));
        configuration.setAllowCredentials(true);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and()...
}

if ('withCredentials' in xhr) {
 xhr.withCredentials = true;
}

var cors = require('cors');    
app.use(cors({credentials: true, origin: 'http://localhost:5000'}));

services.AddCors(o => {
    o.AddPolicy("AllowSetOrigins", options =>
        options.WithOrigins("https://localhost:xxxx");
        options.AllowAnyHeader();
        options.AllowAnyMethod();
        options.AllowCredentials();

5 个回答