How to establish a cross-domain connection

Typically if the browser loads a page from http://contoso.com, the SignalR connection is in the same domain, athttp://contoso.com/signalr. If the page from http://contoso.com makes a connection to http://fabrikam.com/signalr, that is a cross-domain connection. For security reasons, cross-domain connections are disabled by default.

In SignalR 1.x, cross domain requests were controlled by a single EnableCrossDomain flag. This flag controlled both JSONP and CORS requests. For greater flexibility, all CORS support has been removed from the server component of SignalR (JavaScript clients still use CORS normally if it is detected that the browser supports it), and new OWIN middleware has been made available to support these scenarios.

If JSONP is required on the client (to support cross-domain requests in older browsers), it will need to be enabled explicitly by settingEnableJSONP on the HubConfiguration object to true, as shown below. JSONP is disabled by default, as it is less secure than CORS.

Adding Microsoft.Owin.Cors to your project: To install this library, run the following command in the Package Manager Console:

Install-Package Microsoft.Owin.Cors

This command will add the 2.1.0 version of the package to your project.

Calling UseCors

The following code snippet demonstrates how to implement cross-domain connections in SignalR 2.

Implementing cross-domain requests in SignalR 2

The following code demonstrates how to enable CORS or JSONP in a SignalR 2 project. This code sample uses Map and RunSignalR instead ofMapSignalR, so that the CORS middleware runs only for the SignalR requests that require CORS support (rather than for all traffic at the path specified in MapSignalR.) Map can also be used for any other middleware that needs to run for a specific URL prefix, rather than for the entire application.

using Microsoft.AspNet.SignalR;

using Microsoft.Owin.Cors;

using Owin;

namespace MyWebApplication

{

    public class Startup

    {

        public void Configuration(IAppBuilder app)

        {

            // Branch the pipeline here for requests that start with "/signalr"

            app.Map("/signalr", map =>

            {

                // Setup the CORS middleware to run before SignalR.

                // By default this will allow all origins. You can

                // configure the set of origins and/or http verbs by

                // providing a cors options with a different policy.

                map.UseCors(CorsOptions.AllowAll);

                var hubConfiguration = new HubConfiguration

                {

                    // You can enable JSONP by uncommenting line below.

                    // JSONP requests are insecure but some older browsers (and some

                    // versions of IE) require JSONP to work cross domain

                    // EnableJSONP = true

                };

                // Run the SignalR pipeline. We're not using MapSignalR

                // since this branch already runs under the "/signalr"

                // path.

                map.RunSignalR(hubConfiguration);

            });

        }

    }

}

SignalR 的跨域支持的更多相关文章

  1. 浅谈Web Api配合SignalR的跨域支持

    最近接手的一个项目中,涉及到一个简单的消息模块,由于之前有简单了解过SignalR,所以打算尝试着摸索摸索~! 首先,通过Nuget管理器添加Microsoft ASP.NET SignalR引用~目 ...

  2. SpringMvc跨域支持

    SpringMvc跨域支持 在controller层加上注解@CrossOrigin可以实现跨域 该注解有两个参数 1,origins  : 允许可访问的域列表 2,maxAge:飞行前响应的缓存持续 ...

  3. ASP.NET Core 2.1与2.2 SignalR CORS 跨域问题

    将 SignalR 集成到 ASP.NET Core api 程序的时候,按照官方 DEMO 配置完成,本地访问没有问题,但是发布之后一直报跨域问题,本地是这样设置的: Asp.net core 2. ...

  4. Nginx配置跨域支持功能

    跨域是前端开发中经常会遇到的问题,前端调用后台服务时,通常会遇到 No 'Access-Control-Allow-Origin' header is present on the requested ...

  5. ASP.NET Core SignalR CORS 跨域问题

    将 SignalR 集成到 ASP.NET Core api 程序的时候,按照官方 DEMO 配置完成,本地访问没有问题,但是发布之后一直报跨域问题,本地是这样设置的: 原始代码: services. ...

  6. webapi 开启跨域支持

    1.Global文件: GlobalConfiguration.Configuration.EnableCors(); 2.需要跨域的action或controller添加跨域规则 [EnableCo ...

  7. Chrome 浏览器添加跨域支持

    开发前端本地项目时,涉及到与后端服务器的通信联调,在使用 ajax 时由于浏览器的安全策略不允许跨域.一种方式是本地搭建转发服务器,今天又 GET 到一种更直接的方式,在 Chrome 浏览器开启时添 ...

  8. 文字沟通工具使用SignalR,跨域例子源代码

    其他网站已经有很多关于SignalR的介绍了.这里不多介绍. 安装:Install-Package Microsoft.AspNet.SignalR -Version 1.1.4 参考自:http:/ ...

  9. 为Asp.net WebApi 添加跨域支持

    Nuget安装包:microsoft.aspnet.webapi.cors 原文地址:https://www.asp.net/web-api/overview/security/enabling-cr ...

随机推荐

  1. 一种基于重载的高效c#上图片添加文字图形图片的方法

    在做图片监控显示的时候,需要在图片上添加文字,如果用graphics类绘制图片上的字体,实现图像上添加自定义标记,这种方法经验证是可行的,并且在visual c#2005 编程技巧大全上有提到,但是, ...

  2. 开发中可能会用到的几个 jQuery 小提示和技巧 (转)

    转自:http://www.cnblogs.com/lhb25/p/useful-jquery-tips-and-tricks.html 今天,我们将分享一些很有用的技巧和窍门给 jQuery 开发人 ...

  3. Config配置文件读写

    config文件读写操作(文字说明附加在程序中) App.config文件 <?xml version="1.0" encoding="utf-8" ?& ...

  4. CSS3 过滤

    CSS3 过滤 通过CSS3,我们可以在不适用flash动画或JavaScript的情况下,当元素从一种样式变换为另一种样式时为元素添加效果. 浏览器支持 属性 浏览器支持 transition   ...

  5. linux下查看所有用户及所有用户组

    groups 查看当前登录用户的组内成员groups gliethttp 查看gliethttp用户所在的组,以及组内成员whoami 查看当前登录用户名 /etc/group文件包含所有组/etc/ ...

  6. SQL 关于有单引号数据更新的问题

    要把sql语句中包含有单引号的符号加入到数据库中的做法 )),''','123.com') 很简单就是加入id=''123''            0'0就可以写成'0''0'

  7. tribonacci

    Everybody knows Fibonacci numbers, now we are talking about the Tribonacci numbers: T[0] = T[1] = T[ ...

  8. 解决secureCRT数据库里没有找到防火墙 '无'问题,转自:http://jingyan.baidu.com/article/9989c74601274bf649ecfe74.html

    中文版的secureCRT由于汉化的问题(把null翻译成无了),导致每次打开都会有个防火墙的错误提示:数据库里没有找到防火墙 '无' 此会话将尝试不通过防火墙进行连接.出现这个错误的原因是在secu ...

  9. HTML5 canvas文本属性与方法

    文本属性和方法 font                        设置或返回文本内容的当前字体属性 textAlign                设置或返回文本内容的当前对齐方式 start ...

  10. addChildViewController 用法

    // // SCMyOrderViewController.m // SmartCommunity // // Created by chenhuan on 15/9/7. // Copyright ...