CORS:凭据模式为'include‘

link之家

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

成熟的遥控器 · 2020年欧洲杯二十四强出炉，分组揭晓！_比赛· 4 月前 ·

玩足球的烈马 · 重磅公布！古巴治疗性乙肝疫苗NASVAC ...· 4 月前 ·

想旅行的遥控器 · 化学竞赛总分 - 抖音· 1 年前 ·

千年单身的马铃薯 · 沈阳地铁2号线南延线、4号线，今年下半年将开 ...· 1 年前 ·

俊逸的仙人球 · 周末电影分级：《有一个地方》13岁以上观看_ ...· 1 年前 ·

腾讯云

开发者社区

文档意见反馈控制台

首页 TVP

文章/答案/技术大牛

发布

public static class WebApiConfig
    public static void Register(HttpConfiguration config)
        EnableCrossSiteRequests(config);
    private static void EnableCrossSiteRequests(HttpConfiguration config)
        var cors = new EnableCorsAttribute("*", "*", "*")
            SupportsCredentials = true
        config.EnableCors(cors);
}

public void Configuration(IAppBuilder app)
    HttpConfiguration config = new HttpConfiguration();
    ConfigureOAuth(app);
    WebApiConfig.Register(config);
    app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
    app.UseWebApi(config);
}

constructor(public http: HttpClient) {
public get(url: string = ''): Observable<any> {
    return this.http.get(url, { withCredentials: true });
}

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        // This Origin header you can see that in Network tab
        configuration.setAllowedOrigins(Arrays.asList("http:/url_1", "http:/url_2")); 
        configuration.setAllowedMethods(Arrays.asList("GET","POST"));
        configuration.setAllowedHeaders(Arrays.asList("content-type"));
        configuration.setAllowCredentials(true);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and()...
}

if ('withCredentials' in xhr) {
 xhr.withCredentials = true;
}

var cors = require('cors');    
app.use(cors({credentials: true, origin: 'http://localhost:5000'}));

services.AddCors(o => {
    o.AddPolicy("AllowSetOrigins", options =>
        options.WithOrigins("https://localhost:xxxx");
        options.AllowAnyHeader();
        options.AllowAnyMethod();
        options.AllowCredentials();

5 个回答