C# ASP.NET MVC 配置允许跨域访问

在web.config文件中的 system.webServer 节点下 增加如下配置

<httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Allow-Headers" value="Content-Type" />
        <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
      </customHeaders>
    </httpProtocol>
View Code
<httpProtocol>
            <customHeaders>
                <add name="Access-Control-Allow-Origin" value="*" />
                <add name="Access-Control-Allow-Headers" value="*" />
                <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE" />
            </customHeaders>
        </httpProtocol>
View Code

在ASP.Net webapi中可以使用  Microsoft.AspNet.WebApi.Cors  来实现:

public static class WebApiConfig
    {
        public static void Register(HttpConfiguration config)
        {
            // New code
            config.EnableCors();

            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );
        }
    }
View Code
[EnableCors(origins: "http://mywebclient.azurewebsites.net", headers: "*", methods: "*")]
    public class TestController : ApiController
    {
        // Controller methods not shown...
    }
View Code

但在MVC中不能使用这个,需要自定义一个类:

public class AllowCrossSiteJsonAttribute: ActionFilterAttribute
    {
        private string[] _domains;
        public AllowCrossSiteJsonAttribute(string domain)
        {
            _domains= new string[] { domain };
        }
        public AllowCrossSiteJsonAttribute(string[] domains)
        {
            _domains = domains;
        }
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var context = filterContext.RequestContext.HttpContext;
            var host = context.Request.UrlReferrer?.Host;
            if (host != null && _domains.Contains(host))
            {
                filterContext.RequestContext.HttpContext.Response.AddHeader("Access-Control-Allow-Origin", "*");
            }
            base.OnActionExecuting(filterContext);
        }
    }
View Code

在被访问的控制器上加上AllowCrossSiteJson:

[AllowCrossSiteJson("localhost")]
        public JsonResult Index()
        {
            var holidays = new List<Holiday>
            {
                new Holiday
                {
                    Title="2 Weeks in Rhodes",
                    Price=688,
                    ImgUrl="http://media.wiley.com/product_data/coverImage/84/04702927/0470292784.jpg"
                },
                new Holiday
                {
                    Title="1 Weeks in Barbados",
                    Price=320,
                    ImgUrl="http://media.wiley.com/product_data/coverImage/84/04702927/0470292784.jpg"
                }
            };
            return Json(holidays, JsonRequestBehavior.AllowGet);
        }
View Code

https://www.cnblogs.com/uptothesky/p/6178787.html

【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/love201314/p/9173523.html