SignalR核心和跨域请求出现问题
我们将SignalR核心与CORS跨域请求一起使用.客户端无法连接到服务器. 401在请求的资源上没有未授权的没有Access-Control-Allow-Origin标头.错误:无法启动连接.请注意,我们使用的是最新的Signalr内核(asp.net core 2.0的Alpha版本).
We are using SignalR core with CORS cross domain requests. The client is unable to connect to server. 401 Unauthorized No Access-Control-Allow-Origin' header is present on the requested resource. Error: Failed to start the connection. Note we are using the most recent signalr core (alpha version for asp.net core 2.0).
请注意,在同一客户端应用程序中,我能够访问CORS Web API方法.它与SignalR集线器/客户端隔离.
Please note within the same client app, i'm able to access CORS Web API methods. It's isolated to SignalR hub/client.
我们在IIS中使用Windows身份验证.匿名似乎正在起作用.
We are using Windows authentication in IIS. Anonymous seems to be working.
服务器startup.cs:
Server startup.cs:
ConfigureServices()方法
ConfigureServices() method
services.AddCors();
services.AddSignalR();
配置方法
app.UseCors(x => x.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials());
app.UseSignalR(routes =>
{
routes.MapHub<TestHub>("test");
});
app.UseMvc();
javascript客户端:
javascript client:
let connection = new signalR.HubConnection(CORS_WEB_API_URL + '/test');
connection.on('send', data => {
console.log(data);
});
connection.start();
请告知.
我知道这是一篇老文章,但是答案是,使用SignalR时,您不能在CORS允许来源中使用通配符.
I know this is an old post, however, the answer is that with SignalR you cannot use wildcards in the CORS allow origin.
需要具体.对于开发,我使用以下方法:
Needs to be specific. For development I use this:
services.AddCors(options => options.AddPolicy("CorsDev", builder =>
{
builder
.AllowAnyMethod()
.AllowAnyHeader()
.WithOrigins(AppSettings.SPAHost, "http://localhost:8099")
.AllowCredentials();
}));
然后在startup.cs中的配置"中
Then in Configure in startup.cs
app.UseCors("CorsDev");
app.UseCors("CorsDev");
希望这对某人有帮助.