CORS:凭据模式为'include‘

link之家

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

风度翩翩的薯片 · Global Center on ...· 1 周前 ·

文质彬彬的小刀 · 绩效数据与对标 | IBM· 2 月前 ·

有爱心的杯子 · 兴义国家地质公园知识科普 | ...· 7 月前 ·

酒量大的火龙果 · 2023年3月16日外交部发言人汪文斌主持例 ...· 8 月前 ·

气势凌人的电池 · 罗永浩：生命不息，折腾不止-虎嗅网· 8 月前 ·

腾讯云

开发者社区

文档意见反馈控制台

首页 TVP

文章/答案/技术大牛

发布

public static class WebApiConfig
    public static void Register(HttpConfiguration config)
        EnableCrossSiteRequests(config);
    private static void EnableCrossSiteRequests(HttpConfiguration config)
        var cors = new EnableCorsAttribute("*", "*", "*")
            SupportsCredentials = true
        config.EnableCors(cors);
}

public void Configuration(IAppBuilder app)
    HttpConfiguration config = new HttpConfiguration();
    ConfigureOAuth(app);
    WebApiConfig.Register(config);
    app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
    app.UseWebApi(config);
}

constructor(public http: HttpClient) {
public get(url: string = ''): Observable<any> {
    return this.http.get(url, { withCredentials: true });
}

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        // This Origin header you can see that in Network tab
        configuration.setAllowedOrigins(Arrays.asList("http:/url_1", "http:/url_2")); 
        configuration.setAllowedMethods(Arrays.asList("GET","POST"));
        configuration.setAllowedHeaders(Arrays.asList("content-type"));
        configuration.setAllowCredentials(true);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and()...
}

if ('withCredentials' in xhr) {
 xhr.withCredentials = true;
}

var cors = require('cors');    
app.use(cors({credentials: true, origin: 'http://localhost:5000'}));

services.AddCors(o => {
    o.AddPolicy("AllowSetOrigins", options =>
        options.WithOrigins("https://localhost:xxxx");
        options.AllowAnyHeader();
        options.AllowAnyMethod();
        options.AllowCredentials();

5 个回答