删除和选项请求得到 401 未经授权的响应
Delete and Options requests gets a 401 unathorized response
我正在使用托管在远程 IIS 服务器上的 .net 核心网络 api 3.1,每个 delete/options 请求都会收到 401 unathorized html 回复,我在我的启动中允许了 CORS,但没有成功。
更新:这是我的创业公司
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<BrmajaCommerceSearchContext>(options => options.UseSqlServer(Configuration.GetConnectionString("SearchConnectionString")));
services.AddDbContext<IdentityContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddCors(o => o.AddPolicy("AllowAll", b => b.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()));
services.AddControllers().AddNewtonsoftJson(s =>
{
s.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;
});
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo
{
Title = "Ecommerce API",
Version = "v1"
});
// Set the comments path for the Swagger JSON and UI.
var xmlFile = Assembly.GetExecutingAssembly().GetName().Name + ".xml";
var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
c.IncludeXmlComments(xmlPath);
});
services.AddAuthentication()
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthorization();
app.UseCors("AllowAll");
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
app.UseSwagger();
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("swagger/v1/swagger.json", "Ecommerce");
c.RoutePrefix = string.Empty;
});
}
}
所描述行为的最可能原因是为这些 HTTP 动词提供服务的 IIS WebDAV 模块。您必须使用 IIS 配置管理器或包含
的 web.config 文件禁用它
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
</system.webServer>
<configuration>
通过启用 iis 服务器上的所有动词解决 -> .NET 授权规则
我正在使用托管在远程 IIS 服务器上的 .net 核心网络 api 3.1,每个 delete/options 请求都会收到 401 unathorized html 回复,我在我的启动中允许了 CORS,但没有成功。
更新:这是我的创业公司
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<BrmajaCommerceSearchContext>(options => options.UseSqlServer(Configuration.GetConnectionString("SearchConnectionString")));
services.AddDbContext<IdentityContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddCors(o => o.AddPolicy("AllowAll", b => b.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()));
services.AddControllers().AddNewtonsoftJson(s =>
{
s.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;
});
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo
{
Title = "Ecommerce API",
Version = "v1"
});
// Set the comments path for the Swagger JSON and UI.
var xmlFile = Assembly.GetExecutingAssembly().GetName().Name + ".xml";
var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
c.IncludeXmlComments(xmlPath);
});
services.AddAuthentication()
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthorization();
app.UseCors("AllowAll");
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
app.UseSwagger();
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("swagger/v1/swagger.json", "Ecommerce");
c.RoutePrefix = string.Empty;
});
}
}
所描述行为的最可能原因是为这些 HTTP 动词提供服务的 IIS WebDAV 模块。您必须使用 IIS 配置管理器或包含
的 web.config 文件禁用它<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
</system.webServer>
<configuration>
通过启用 iis 服务器上的所有动词解决 -> .NET 授权规则