如何处理“OPTIONS方法”在 ASP.NET MVC 中
我的 Sencha Touch 应用程序正在将表单发布到我的 asp.net-mvc-3 WebService,但不是发送 POST
,而是发送 OPTIONS
。
我正在阅读类似的帖子此处 ,但我只是不知道如何处理代码中的 OPTIONS 方法。
我确实尝试将 [AllowAjax]
属性添加到我的 Action 中,但它似乎在 MVC3 中不存在。
<块引用>选项 /GetInTouch/CommunicateCard HTTP/1.1
主机:webservice.example.com
引用者:http://192.168.5.206/ 访问控制请求方法:POST
来源:http://192.168.5.206
用户代理:Mozilla/5.0(Macintosh;Intel Mac OS X 10_7_0)AppleWebKit/534.24(KHTML,如 Gecko)Chrome/11.0.696.71 Safari/534.24
访问控制请求标头:X-Requested-With、内容类型
接受:/
接受编码:gzip、deflate、sdch
接受语言:en-US,en;q=0.8
接受字符集:ISO-8859-1,utf-8;q=0.7,*;q=0.3
在我的 ActionMethod 中,我使用以下代码。
public JsonpResult CommunicateCard(CommunicateCard communicateCard)
{
// Instantiate a new instance of MailMessage
MailMessage mMailMessage = new MailMessage();
// removed for security/brevity
// Set the body of the mail message
mMailMessage.Body = communicateCard.name; // THIS IS CURRENTLY BLANK :-(
// removed for security/brevity
mSmtpClient.Send(mMailMessage);
// do server side validation on form input
// if it's valid return true
// else return false
// currently returning NULL cuz I don't care at this point.
return this.Jsonp(null);
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
![扫码二维码加入Web技术交流群](/public/img/jiaqun_03.jpg)
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
结果我必须创建一个
ActionFilterAttribute
Turns out I had to create an
ActionFilterAttribute
我在 MVC 和 IIS 中以不同的方式解决了这个问题。我发现这个问题的原因是因为我想从客户端 javascript POST 数据(JSONP 不适用于),并且最重要的是希望允许位于 POST 请求内容内的 JSON 数据。
实际上,您的代码想要忽略第一个 CORS OPTIONS 请求,因为这可能是“站点范围设置”,而不是每个 API 调用设置。
首先,我将 IIS 配置为发送 CORS 响应,这可以通过 IIS 管理器(或通过 web.config 更新)来完成,如果您使用 IIS,则转到要添加这两个值的站点:
然后我创建了一个自定义ActionFilter,必须应用于每个您想要接受 POST 数据的控制器,这可能会触发 CORS 请求。自定义操作过滤器是:
然后在每个控制器的开头,您需要应用它来添加属性,例如:
现在我确信有一种方法可以在整个 MVC 解决方案中执行此操作(欢迎解决方案),但需要进行烧烤,上面的解决方案就可以了!
I solved this in a different way in MVC, and IIS. The reason I found this problem was because I wanted to POST data from client side javascript (which JSONP does not work for), and on top of that wanted to allow JSON data which sits inside the Content of the POST request.
In reality your code wants to ignore the first CORS OPTIONS request, as this is likely to be a "site wide setting", and not on a per API call setting.
First I configured IIS to send the CORS response, this can be done through IIS manager (or through web.config updates), if you use IIS then go to the site you want to add these two values:
Then I created a custom ActionFilter, which has to be applied for each controller that you want to accept POST data, which could trigger a CORS request. The custom action filter was:
Then at the start of each controller you need to apply this for add in an attribute, e.g.:
Now I am sure there is a way to do this across your whole MVC solution (solutions welcome), but need to make a BBQ and the solution above works!
我将以下内容添加到我的
配置部分:I added the following to my
<system.webServer>
config section:只是为了回答为什么“OPTIONS”而不是“POST”的问题,那是因为浏览器正在实现 CORS (跨域资源共享)。
这是一个由两部分组成的过程,首先发送 OPTIONS 请求,然后如果服务器以可接受的条件回复,则浏览器会发布包含数据/内容的实际请求。
Just to answer the question why "OPTIONS" and not "POST", that is because the browser is implementing CORS (Cross-origin resource sharing ).
This is a two part process of sending the OPTIONS request first, then if the server replies with acceptable conditions the browser then POSTS the actual request with data / content in.
我尝试了这里所有的答案,但没有一个有效。我最终意识到,如果预检检查返回非 200,浏览器会将其视为失败。在我的例子中,IIS 返回 404,即使带有标头也是如此。这是因为我的控制器方法有 2 个属性 - [HttpPost] 和 [HttpOptions]。显然,这不是表达多个动词的有效机制。我必须改用这个属性:[AcceptVerbs(HttpVerbs.Options | HttpVerbs.Post)]
I tried all the answers here and none worked. I eventually realized that browsers will treat the pre-flight check as failed if it returns non 200. In my case, IIS was returning 404, even with the headers. This is because I had 2 attributes on my controller method - [HttpPost] and [HttpOptions]. Apparently, this is not a valid mechanism for expressing multiple verbs. I had to use this attribute instead: [AcceptVerbs(HttpVerbs.Options | HttpVerbs.Post)]
经过一番努力,我发现处理 CORS 预检请求的唯一方法是使用一对 HttpModule 和 HttpHandler 来处理它。
发送所需的标头还不够。您必须尽早处理 OPTIONS 请求,并且不允许它到达您的控制器,因为它会在那里失败。
我能做到这一点的唯一方法是使用 HttpModule。
我关注了这篇博文:
http://geekswithblogs.net/abhijeetp/archive/2016/06/04/adding-cors-support-for-asp.net--webapi-the-no-hassle.aspx
总结一下工作,这是代码:
并将它们添加到
web.config
:这适用于 Web API 和 MVC。
After struggling a lot, I found out the only way to handle CORS preflight request is to handle it with a pair of HttpModule and HttpHandler.
Sending the required headers is not enough. You have to handle the OPTIONS request early and not allow it to reach your controllers, because it will fail there.
The only way that I could do this was with an HttpModule.
I followed this blog post:
http://geekswithblogs.net/abhijeetp/archive/2016/06/04/adding-cors-support-for-asp.net--webapi-the-no-hassle.aspx
To summarize the work, this is the code:
and add them to
web.config
:This works for Web API and MVC.