CORS:凭据模式为'include‘

link之家

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

打酱油的甘蔗 · 我校2017年外国留学生人数创历史新高· 3 周前 ·

沉着的熊猫 · 《沦为by雀眠》全文txt阅读 - 哔哩哔哩· 9 月前 ·

悲伤的山羊 · 中国社会科学院大学外国语学院 ...· 1 年前 ·

憨厚的鼠标垫 · 《江南》2022年第6期｜娜仁高娃：瀑布（节 ...· 1 年前 ·

眼睛小的番茄 · 印度奇景· 1 年前 ·

腾讯云

开发者社区

文档意见反馈控制台

首页 TVP

文章/答案/技术大牛

发布

public static class WebApiConfig
    public static void Register(HttpConfiguration config)
        EnableCrossSiteRequests(config);
    private static void EnableCrossSiteRequests(HttpConfiguration config)
        var cors = new EnableCorsAttribute("*", "*", "*")
            SupportsCredentials = true
        config.EnableCors(cors);
}

public void Configuration(IAppBuilder app)
    HttpConfiguration config = new HttpConfiguration();
    ConfigureOAuth(app);
    WebApiConfig.Register(config);
    app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
    app.UseWebApi(config);
}

constructor(public http: HttpClient) {
public get(url: string = ''): Observable<any> {
    return this.http.get(url, { withCredentials: true });
}

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        // This Origin header you can see that in Network tab
        configuration.setAllowedOrigins(Arrays.asList("http:/url_1", "http:/url_2")); 
        configuration.setAllowedMethods(Arrays.asList("GET","POST"));
        configuration.setAllowedHeaders(Arrays.asList("content-type"));
        configuration.setAllowCredentials(true);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and()...
}

if ('withCredentials' in xhr) {
 xhr.withCredentials = true;
}

var cors = require('cors');    
app.use(cors({credentials: true, origin: 'http://localhost:5000'}));

services.AddCors(o => {
    o.AddPolicy("AllowSetOrigins", options =>
        options.WithOrigins("https://localhost:xxxx");
        options.AllowAnyHeader();
        options.AllowAnyMethod();
        options.AllowCredentials();

5 个回答