首页 文章

即使在预检OPTIONS成功之后,AJAX CORS webAPI请求也会失败

提问于
浏览
1

我正在尝试对托管在测试服务器中的Web API服务进行CORS AJAX“GET”调用 . webAPI URL = http:xxx:xxx:xxx:xxx / api / v1 / jobs

我在WebAPIConfig.cs中有以下代码行

var cors = new EnableCorsAttribute("*","*","*");
config.EnableCors(cors);

AJAX请求(来自本地)

$.ajax({
      type: "GET",
      datatype: "JSON",
      url: http: xxx: xxx: xxx: xxx / api / v1 / jobs,
      contentType: "application/json";
      charset = utf - 8 ",
            accept: 'application/json',
            beforeSend: BH,            
            success: callback
        }).done(function (data) {
            var str = data.job_id + ': ' + data.job_name;
            $('#responsevalue').text(str);
        }).error(function (jqXHR, textStatus, errorThrown) {
            $('#responsevalue').text(jqXHR.status + "::" + jqXHR.statusText + "::" + jqXHR.responseText );
        });

在Fiddler中,我可以看到发送OPTIONS的飞行前请求以及200的响应 .

Fiddler请求 Headers :

OPTIONS http:xxx:xxx:xxx:xxx/api/v1/jobs HTTP/1.1
Host: 50.17.211.226
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://localhost:55346
Access-Control-Request-Method: GET
Access-Control-Request-Headers: requestdateutc,requestverificationtoken
Connection: keep-alive

Fiddler响应 Headers

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Accept
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Date: Thu, 20 Nov 2014 14:21:50 GMT
Content-Length: 0

在Firebug中,我可以看到以下细节:

Firebug请求 Headers :

OPTIONS http:xxx.xxx.xxx.xxx/api/v1/jobs HTTP/1.1
Host: xxx.xxx.xxx.xxx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http:localhost:55346
Access-Control-Request-Method: GET
Access-Control-Request-Headers: requestdateutc,requestverificationtoken
Connection: keep-alive

Firebug响应 Headers :

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Accept, Content-Type
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Date: Thu, 20 Nov 2014 18:08:36 GMT
Content-Length: 0

我在这里和其他地方阅读了很多文档 . 它似乎很简单,适合所有人(除了我) .

Final note: I tested the API with the html page residing in side the test server an it worked fine. Meaning the service and the web page both residing in the same domain. Additional Info: Browser: Firefox, ASP.NET 4.5, web API 2.2, VS2013 Express

在此先感谢,任何帮助将不胜感激 .

asp.net-web-api

1 回答

  • 0

    在您的回复中,它表示允许的标头是 Content-Type, Accept, Content-Type ,但您要求的是 requestdateutc,requestverificationtoken . 尝试明确允许这些标头 .

    回复于

相关问题