如何转换请求标题以使我不会遇到CORS错误?
我目前有一个网站,该网站收录了所有信息请求,并将其转发到正确的网站。
目前是通过此纱线配置设置的:
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
"ReverseProxy": {
"Routes": {
"server": {
"ClusterId": "old-site",
"Match": {
"Path": "{**catch-all}"
}
},
"azure": {
"ClusterId": "new-site",
"Match": {
"Path": "yarpb"
}
}
},
"Clusters": {
"old-site": {
"Destinations": {
"server": {
"Address": "https://test-www.a.com/"
}
}
},
"new-site": {
"Destinations": {
"yarpb": {
"Address": "https://example.com/"
}
}
}
}
}
}
入口点为test.a.com,根据上面的重定向规则,将重定向到testwww.a.com。
这很好,可以按照预期的方式工作。
现在似乎有问题的一个网站是CMS退回umbraco,test.a.com/umbraco,有时会从App_plugins文件夹中获取文件。
其中一些文件用cors
是否有可能让它通过?
我在代码中尝试了此app.usecors(x => x.allowanyorigin()); 但这似乎没有改变任何东西吗?
就像在YARP重定向请求之后设置为YARP Logging状态200响应,但是浏览器说405?
日志片段:
2022-06-21T17:48:02.6237461+02:00 INFO [Yarp.ReverseProxy.Forwarder.HttpForwarder] [Forwarding] Proxying to https://test-www.a.com/App_Plugins/RJP.MultiUrlPicker/MultiUrlPicker.html HTTP/2 RequestVersionOrLower no-streaming
2022-06-21T17:48:02.6255128+02:00 INFO [Yarp.ReverseProxy.Forwarder.HttpForwarder] [ResponseReceived] Received HTTP/2.0 response 301.
2022-06-21T17:48:02.6256100+02:00 INFO [ReverseProxy.Middleware.RequestResponseLoggerMiddleware] [LogRequest] https://test.a.com/App_Plugins/RJP.MultiUrlPicker/MultiUrlPicker.html proxied to https://test-www.a.com//App_Plugins/RJP.MultiUrlPicker/MultiUrlPicker.html
2022-06-21T17:48:02.6273081+02:00 INFO [Yarp.ReverseProxy.Forwarder.HttpForwarder] [ResponseReceived] Received HTTP/2.0 response 200.
整个program.cs
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddReverseProxy().LoadFromConfig(builder.Configuration.GetSection("ReverseProxy"));
builder.Services.AddLogging(x =>
{
x.AddJsonConsole();
x.AddFile($"logs/app-{DateTime.UtcNow:yyyyMMddHHmmss}.log", append: true);
});
var app = builder.Build();
app.UseStaticFiles();
app.UseRouting();
app.UseCors(x => x.AllowAnyOrigin());
app.MapReverseProxy(proxyPipeline =>
{
proxyPipeline.UseRequestResponseLogging();
});
app.Run();
I currently have a site which take in all ingoing request and forward them to the correct website.
This is currently setup via this Yarp configuration:
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
"ReverseProxy": {
"Routes": {
"server": {
"ClusterId": "old-site",
"Match": {
"Path": "{**catch-all}"
}
},
"azure": {
"ClusterId": "new-site",
"Match": {
"Path": "yarpb"
}
}
},
"Clusters": {
"old-site": {
"Destinations": {
"server": {
"Address": "https://test-www.a.com/"
}
}
},
"new-site": {
"Destinations": {
"yarpb": {
"Address": "https://example.com/"
}
}
}
}
}
}
The entry point is test.a.com and which according to the redirect rule above will redirect to test-www.a.com.
This is fine, and works as it is supposed.
One site that seems problematic now is the cms backoffice umbraco, test.a.com/umbraco, which sometimes fetches files from the app_plugins folder.
Some of these files are fetched with CORS
which is causing an issue when the original html request is being redirected to a different page.
Is it somehow possible let it pass through?
I have in the code tried this app.UseCors(x => x.AllowAnyOrigin());
but it does not seem to change anything?
its like this is being set after yarp redirect the request as yarp logging states 200 response, but the browser says 405?
Log snippet:
2022-06-21T17:48:02.6237461+02:00 INFO [Yarp.ReverseProxy.Forwarder.HttpForwarder] [Forwarding] Proxying to https://test-www.a.com/App_Plugins/RJP.MultiUrlPicker/MultiUrlPicker.html HTTP/2 RequestVersionOrLower no-streaming
2022-06-21T17:48:02.6255128+02:00 INFO [Yarp.ReverseProxy.Forwarder.HttpForwarder] [ResponseReceived] Received HTTP/2.0 response 301.
2022-06-21T17:48:02.6256100+02:00 INFO [ReverseProxy.Middleware.RequestResponseLoggerMiddleware] [LogRequest] https://test.a.com/App_Plugins/RJP.MultiUrlPicker/MultiUrlPicker.html proxied to https://test-www.a.com//App_Plugins/RJP.MultiUrlPicker/MultiUrlPicker.html
2022-06-21T17:48:02.6273081+02:00 INFO [Yarp.ReverseProxy.Forwarder.HttpForwarder] [ResponseReceived] Received HTTP/2.0 response 200.
entire program.cs
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddReverseProxy().LoadFromConfig(builder.Configuration.GetSection("ReverseProxy"));
builder.Services.AddLogging(x =>
{
x.AddJsonConsole();
x.AddFile(quot;logs/app-{DateTime.UtcNow:yyyyMMddHHmmss}.log", append: true);
});
var app = builder.Build();
app.UseStaticFiles();
app.UseRouting();
app.UseCors(x => x.AllowAnyOrigin());
app.MapReverseProxy(proxyPipeline =>
{
proxyPipeline.UseRequestResponseLogging();
});
app.Run();
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
因此,经过一番调查,我终于通过将响应标头的位置与请求标题相同,从而通过YARP解决了问题。
So after some investigation i finally managed to fix the issue via yarp, by modifiying the response header location to be the same as the request header.
来自文档看来您需要通过调用
要求方法来映射条目以使用CORS。似乎您最好构建策略,将所需的起源添加到该策略,然后将您的条目映射到策略中。这样 - 对策略的任何更改都会立即影响所有注册的终点。
另外,请注意,当您在CORS配置内使用通配符时,您可以在现代浏览器中禁用其他功能( mdn 进行救援)。所以请 - 尝试指定自己的域,以确保一切正常
From the documentation it seems that you need to map your entries to use CORS by calling
RequireCorsmethod.It also seems that it is better for you to construct a policy, add the desired origins to that policy and then map your entries to the policy. That way - any change to the policy will immediately affect all registered end-points.
Also, beware that when you are using a wildcard inside your CORS config, you may disable other functionality in modern browsers (MDN to the rescue). So please - try to specify your own domain to ensure everything works as excepted
在配置中添加以下内容
Add following in Configure
将其添加到配置服务中:
Add this to service in ConfigureServices: