.net c# webapi 设置允许跨域

chrome console error

Access to XMLHttpRequest at 'https://yzj.suijitask.cn/ip' from origin 'http://localhost:4000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

全局设置跨域

Nuget安装Microsoft.AspNet.WebApi.Cors

public static class WebApiConfig
{
    public static void Register(HttpConfiguration config)
    {
        // Web API 配置和服务
        // 不限制域名
        config.EnableCors(new EnableCorsAttribute("*", "*", "*"));
        // 针对域名设置，逗号隔开
        config.EnableCors(new EnableCorsAttribute("https://rocinn.github.io,http://localhost:4000", "*", "*"));
    }
}

按控制器设置

public static class WebApiConfig
{
    public static void Register(HttpConfiguration config)
    {
        // Web API 配置和服务
        config.EnableCors();
    }
}

[System.Web.Http.Cors.EnableCors("https://rocinn.github.io,http://localhost:4000", "*", "*")]
public class CommonController : ApiController
{

}

针对接口设置

方式1

public static class WebApiConfig
{
    public static void Register(HttpConfiguration config)
    {
        // Web API 配置和服务
        config.EnableCors();
    }
}

public class CommonController : ApiController
{
    [System.Web.Http.Cors.EnableCors("https://rocinn.github.io,http://localhost:4000", "*", "*")]
    [HttpGet, Route("ip")]
    public IHttpActionResult GetXXX()
    {
        string ip = System.Web.HttpContext.Current.Request.UserHostAddress;

        return Json(new Dictionary<string, object>() { { "ip", ip } });
    }
}

方式2

public class CommonController : ApiController
{
    [HttpGet, Route("ip")]
    public IHttpActionResult GetXXX()
    {
        string ip = System.Web.HttpContext.Current.Request.UserHostAddress;

        // 可以设置 *, 或者指定一个域名（只能指定一个）
        System.Web.HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "https://rocinn.github.io");

        return Json(new Dictionary<string, object>() { { "ip", ip } });
    }
}