现象:

编写了REST接口:

[ServiceContract]

public interface IService1

{

    [OperationContract]

    [WebInvoke(UriTemplate = "/TestMethod", Method = "POST", BodyStyle = WebMessageBodyStyle.Bare, RequestFormat = WebMessageFormat.Json

      )]

    string TestMethod(CompositeType value);

}
  

数据契约

[DataContract]

public class CompositeType

{

    bool boolValue = true;

    string stringValue = "Hello ";

    [DataMember]

    public bool BoolValue

    {

        get { return boolValue; }

        set { boolValue = value; }

    }

    [DataMember]

    public string StringValue

    {

        get { return stringValue; }

        set { stringValue = value; }

    }

}  

服务实现

public class Service1 : IService1

{

    public string TestMethod(CompositeType value)

    {

        return string.Format("You entered: {0}", value.StringValue);

    }

}

 

ajax调用

$(document).ready(function () {

	$("button").click(function () {

		alert("clicked");

		var data = $("#txt").val();

		var postdata = {};

		var data_obj = {"BoolValue" : "true" , "StringValue": data}

		postdata["value"] =  data_obj; 

		var url = "https://tmdev01.tm00.com/testwcf/service1.svc/TestMethod";

		$.ajax({

			type: "POST",

			url: url,

			contentType: "application/json; charset=utf-8",

			data: JSON.stringify(postdata),

			dataType: "json",

			success: function(data) {console.log(data);},

			error: function(a,b,c) {console.log(a);}

		});

	});

});
  

报错:

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 405.

  

方法1:

全局请求拦截,处理OPTION谓词

protected void Application_BeginRequest(object sender, EventArgs e)

{

    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "http://localhost");

    if (HttpContext.Current.Request.HttpMethod == "OPTIONS")

    {

        HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "POST, PUT, DELETE");

        HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");

        HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");

        HttpContext.Current.Response.End();

    }

}  

方法2:

定义跨域资源共享相关常量

class CorsConstants

{

       internal const string Origin = "Origin";

       internal const string AccessControlAllowOrigin = "Access-Control-Allow-Origin";

       internal const string AccessControlRequestMethod = "Access-Control-Request-Method";

       internal const string AccessControlRequestHeaders = "Access-Control-Request-Headers";

       internal const string AccessControlAllowMethods = "Access-Control-Allow-Methods";

       internal const string AccessControlAllowHeaders = "Access-Control-Allow-Headers";

       internal const string PreflightSuffix = "_preflight_";

}

  

创建cors属性

public class CorsEnabledAttribute : Attribute, IOperationBehavior

{

       public void AddBindingParameters(OperationDescription operationDescription, BindingParameterCollection bindingParameters)

       {

       }

       public void ApplyClientBehavior(OperationDescription operationDescription, ClientOperation clientOperation)

       {

       }

       public void ApplyDispatchBehavior(OperationDescription operationDescription, DispatchOperation dispatchOperation)

       {

       }

       public void Validate(OperationDescription operationDescription)

       {

       }

}

创建自定义消息分发拦截器

class CorsEnabledMessageInspector : IDispatchMessageInspector

    {

        private List corsEnabledOperationNames;

        public CorsEnabledMessageInspector(List corsEnabledOperations)

        {

            this.corsEnabledOperationNames = corsEnabledOperations.Select(o => o.Name).ToList();

        }

        public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)

        {

            HttpRequestMessageProperty httpProp = (HttpRequestMessageProperty)request.Properties[HttpRequestMessageProperty.Name];

            object operationName;

            request.Properties.TryGetValue(WebHttpDispatchOperationSelector.HttpOperationNamePropertyName, out operationName);

            if (httpProp != null && operationName != null && this.corsEnabledOperationNames.Contains((string)operationName))

            {

                string origin = httpProp.Headers[CorsConstants.Origin];

                if (origin != null)

                {

                    return origin;

                }

            }

            return null;

        }

        public void BeforeSendReply(ref Message reply, object correlationState)

        {

            string origin = correlationState as string;

            if (origin != null)

            {

                HttpResponseMessageProperty httpProp = null;

                if (reply.Properties.ContainsKey(HttpResponseMessageProperty.Name))

                {

                    httpProp = (HttpResponseMessageProperty)reply.Properties[HttpResponseMessageProperty.Name];

                }

                else

                {

                    httpProp = new HttpResponseMessageProperty();

                    reply.Properties.Add(HttpResponseMessageProperty.Name, httpProp);

                }

                httpProp.Headers.Add(CorsConstants.AccessControlAllowOrigin, origin);

            }

        }

    }

 

class EnableCorsEndpointBehavior : IEndpointBehavior

    {

        public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)

        {

        }

        public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)

        {

        }

        public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)

        {

            List corsEnabledOperations = endpoint.Contract.Operations

                .Where(o => o.Behaviors.Find() != null)

                .ToList();

            endpointDispatcher.DispatchRuntime.MessageInspectors.Add(new CorsEnabledMessageInspector(corsEnabledOperations));

        }

        public void Validate(ServiceEndpoint endpoint)

        {

        }

    }

  

class PreflightOperationBehavior : IOperationBehavior

    {

        private OperationDescription preflightOperation;

        private List allowedMethods;

        public PreflightOperationBehavior(OperationDescription preflightOperation)

        {

            this.preflightOperation = preflightOperation;

            this.allowedMethods = new List();

        }

        public void AddAllowedMethod(string httpMethod)

        {

            this.allowedMethods.Add(httpMethod);

        }

        public void AddBindingParameters(OperationDescription operationDescription, BindingParameterCollection bindingParameters)

        {

        }

        public void ApplyClientBehavior(OperationDescription operationDescription, ClientOperation clientOperation)

        {

        }

        public void ApplyDispatchBehavior(OperationDescription operationDescription, DispatchOperation dispatchOperation)

        {

            dispatchOperation.Invoker = new PreflightOperationInvoker(operationDescription.Messages[1].Action, this.allowedMethods);

        }

        public void Validate(OperationDescription operationDescription)

        {

        }

    }

  

class PreflightOperationInvoker : IOperationInvoker

    {

        private string replyAction;

        List allowedHttpMethods;

        public PreflightOperationInvoker(string replyAction, List allowedHttpMethods)

        {

            this.replyAction = replyAction;

            this.allowedHttpMethods = allowedHttpMethods;

        }

        public object[] AllocateInputs()

        {

            return new object[1];

        }

        public object Invoke(object instance, object[] inputs, out object[] outputs)

        {

            Message input = (Message)inputs[0];

            outputs = null;

            return HandlePreflight(input);

        }

        public IAsyncResult InvokeBegin(object instance, object[] inputs, AsyncCallback callback, object state)

        {

            throw new NotSupportedException("Only synchronous invocation");

        }

        public object InvokeEnd(object instance, out object[] outputs, IAsyncResult result)

        {

            throw new NotSupportedException("Only synchronous invocation");

        }

        public bool IsSynchronous

        {

            get { return true; }

        }

        Message HandlePreflight(Message input)

        {

            HttpRequestMessageProperty httpRequest = (HttpRequestMessageProperty)input.Properties[HttpRequestMessageProperty.Name];

            string origin = httpRequest.Headers[CorsConstants.Origin];

            string requestMethod = httpRequest.Headers[CorsConstants.AccessControlRequestMethod];

            string requestHeaders = httpRequest.Headers[CorsConstants.AccessControlRequestHeaders];

            Message reply = Message.CreateMessage(MessageVersion.None, replyAction);

            HttpResponseMessageProperty httpResponse = new HttpResponseMessageProperty();

            reply.Properties.Add(HttpResponseMessageProperty.Name, httpResponse);

            httpResponse.SuppressEntityBody = true;

            httpResponse.StatusCode = HttpStatusCode.OK;

            if (origin != null)

            {

                httpResponse.Headers.Add(CorsConstants.AccessControlAllowOrigin, origin);

            }

            if (requestMethod != null && this.allowedHttpMethods.Contains(requestMethod))

            {

                httpResponse.Headers.Add(CorsConstants.AccessControlAllowMethods, string.Join(",", this.allowedHttpMethods));

            }

            if (requestHeaders != null)

            {

                httpResponse.Headers.Add(CorsConstants.AccessControlAllowHeaders, requestHeaders);

            }

            return reply;

        }

    }

  

给接口增加 cors属性标记

[ServiceContract]

public interface IService1

{

    [OperationContract]

    [WebInvoke(UriTemplate = "/TestMethod", Method = "POST", BodyStyle = WebMessageBodyStyle.Bare, RequestFormat = WebMessageFormat.Json

      ),CorsEnabled]

    string TestMethod(CompositeType value);

}

  

CORS详细说明:https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

 

  

WCF REST开启Cors 解决 No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 405.的更多相关文章

  1. java、ajax 跨域请求解决方案('Access-Control-Allow-Origin' header is present on the requested resource. Origin '请求源' is therefore not allowed access.)

      1.情景展示 ajax调取java服务器请求报错 报错信息如下: 'Access-Control-Allow-Origin' header is present on the requested ...

  2. 跨域问题解决----NO 'Access-Control-Allow-Origin' header is present on the requested resource.Origin'http://localhost:11000' is therfore not allowed access'

    NO 'Access-Control-Allow-Origin' header is present on the requested resource.Origin'http://localhost ...

  3. Failed to load http://wantTOgo.com/get_sts_token/: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://fromHere.com' is therefore not allowed access.

    Failed to load http://wantTOgo.com/get_sts_token/: No 'Access-Control-Allow-Origin' header is presen ...

  4. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

    一.什么是跨域访问 举个栗子:在A网站中,我们希望使用Ajax来获得B网站中的特定内容.如果A网站与B网站不在同一个域中,那么就出现了跨域访问问题.你可以理解为两个域名之间不能跨过域名来发送请求或者请 ...

  5. XMLHttpRequest cannot load ''. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' ' is therefore not allowed access.

    ajax跨域 禁止访问! 利用Access-Control-Allow-Origin响应头解决跨域请求

  6. As.net WebAPI CORS, 开启跨源访问,解决错误No 'Access-Control-Allow-Origin' header is present on the requested resource

    默认情况下ajax请求是有同源策略,限制了不同域请求的响应. 例子:http://localhost:23160/HtmlPage.html 请求不同源API http://localhost:228 ...

  7. Webapi 跨域 解决解决错误No 'Access-Control-Allow-Origin' header is present on the requested resource 问题

    首先是web端(http://localhost:53784) 请求 api(http://localhost:81/api/)时出现错误信息: 查看控制台会发现错误:XMLHttpRequest c ...

  8. has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

    前端显示: has been blocked by CORS policy: Response to preflight request doesn't pass access control che ...

  9. .Net Core 处理跨域问题Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource

    网页请求报错: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Or ...

随机推荐

  1. Atitit.dart语言的特性  编译时js语言大总结

    Atitit.dart语言的特性  编译时js语言大总结 1. 原型环境1 1.1. Dart可以编译js3 2. 第二个期待的理由是Dart的语言特性,没有什么特别特性好像,类似java c#一小时 ...

  2. gitlab配置smtp时,总是提示需要鉴权,记录一下爬坑过程。

    配置好smtp,然后发送邮件时总是提示 Net::SMTPFatalError: 550 5.7.1 authentication is required 最后发现是因为在gitlab web界面上配 ...

  3. mysql windows安装

    http://blog.csdn.net/tossgoon/article/details/44412491 1.从该地址http://dev.mysql.com/downloads/mysql/中选 ...

  4. PHP插入法排序

    /** 插入排序(Insertion Sort)的算法描述是一种简单直观的排序算法. 它的工作原理是通过构建有序序列,对于未排序数据,在已排序序列中从后向前扫描, 找到相应位置并插入.插入排序在实现上 ...

  5. Socket网络编程TCP、UDP演示样例

    Socket网络编程: 1) OSI(了解): 国际标准化组织ISO(International Orgnization for Standardization)指定了网络通信的模型:开放系统互联(O ...

  6. leetCode 57.Insert Interval (插入区间) 解题思路和方法

    Insert Interval  Given a set of non-overlapping intervals, insert a new interval into the intervals ...

  7. nginx访问日志中的时间格式修改

    1.说明 默认的时间格式是:[08/Mar/2013:09:30:58 +0800],由$time_local变量表示. 我想要改成如下格式:2013-03-08 12:21:03. 2.需要修改的文 ...

  8. jvm本身的多线程机制

    1 多线程环境下的构造函数调用 构造函数本身并没有隐式的同步,因为各个线程构建的是自己的对象,它们之间是不存在竞争关系的. 2 class loader在load class时被了sychronize ...

  9. ORDER BY today_used ASC' % (MAX_USED_TIMES)

    python D:\pymine\clean\spider_map\get_bd_uid_rest_b.py python D:\pymine\clean\spider_map\get_bd_uid_ ...

  10. 在VS2017环境中编译libxml2库

    libxml2库编译 1.下载libxml2,官网是:http://www.xmlsoft.org/downloads.html, 我下载的版本是:libxml2-sources-2.9.7.tar. ...