ajax - 在 WCF 服务上来自 AJAX 的 REST 请求期间在 CORS 中启用 OPTIONS 方法

Question

我已经挠头 7 个小时试图弄清楚这一点。我在网上搜索过，但没有运气。我有一个 Angular 应用程序正在向 WCF 命令行托管服务应用程序发出请求。我设法通过使用这两个类来获得 CORS:

public class CustomHeaderMessageInspector : IDispatchMessageInspector
{
    Dictionary<string, string> requiredHeaders;

    public CustomHeaderMessageInspector(Dictionary<string, string> headers)
    {
        requiredHeaders = headers ?? new Dictionary<string, string>();
    }

    public object AfterReceiveRequest(ref Message request, 
    System.ServiceModel.IClientChannel channel, 
    System.ServiceModel.InstanceContext instanceContext)
    {
        return null;
    }

    public void BeforeSendReply(ref Message reply, object correlationState)
    {
        var httpHeader = reply.Properties["httpResponse"] as HttpResponseMessageProperty;
        foreach (var item in requiredHeaders)
        {
            httpHeader.Headers.Add(item.Key, item.Value);
        }
    }
}

还有:

public class EnableCorsBehavior : BehaviorExtensionElement, IEndpointBehavior
{
    public void AddBindingParameters(ServiceEndpoint endpoint, System.ServiceModel.Channels.BindingParameterCollection bindingParameters)
    { }

    public void ApplyClientBehavior(ServiceEndpoint endpoint, System.ServiceModel.Dispatcher.ClientRuntime clientRuntime)
    { }

    public void ApplyDispatchBehavior(ServiceEndpoint endpoint, System.ServiceModel.Dispatcher.EndpointDispatcher endpointDispatcher)
    {
        var requiredHeaders = new Dictionary<string, string>();

        requiredHeaders.Add("Access-Control-Allow-Origin", "*");
        requiredHeaders.Add("Access-Control-Request-Method", "POST,GET,PUT,DELETE,OPTIONS");
        requiredHeaders.Add("Access-Control-Allow-Headers", "X-Requested-With,Content-Type");

        endpointDispatcher.DispatchRuntime.MessageInspectors.Add(new CustomHeaderMessageInspector(requiredHeaders));
    }

    public void Validate(ServiceEndpoint endpoint) { }

    public override Type BehaviorType
    {
        get { return typeof(EnableCorsBehavior); }
    }

    protected override object CreateBehavior()
    {
        return new EnableCorsBehavior();
    }
}

将此自定义扩展添加到 app.config 文件解决了我的 CORS 问题。我目前的问题是每当我发出 POST 请求时，都会收到错误消息:

Request Method:OPTIONS
Status Code:405 Method Not Allowed

我对 C# 还是很陌生，我似乎无法找到放置代码的地方，这将使我能够克服这个问题。我有一个想法，它应该放在 BeforeSendReply() 方法中的某个地方。请帮我!我真的很感激!

问候!

Answer 1

我找到了解决方案，我希望这可以帮助遇到同样问题的每个人。在我在问题中发布的 CustomHeaderMessageInspector 类中，我在 AfterReceiveRequest 方法中编辑了以下代码，如下所示:

// return null;
var httpRequest = (HttpRequestMessageProperty)request
    .Properties[HttpRequestMessageProperty.Name];
return new
{
    origin = httpRequest.Headers["Origin"],
    handlePreflight = httpRequest.Method.Equals("OPTIONS",
    StringComparison.InvariantCultureIgnoreCase)
};

我希望代码所做的是使用 OPTIONS 方法监视任何请求并使用预检状态“标记”它。然后我修改了 BeforeSendReply 中的代码，如下所示:

var state = (dynamic)correlationState;
if (state.handlePreflight)
{
    reply = Message.CreateMessage(MessageVersion.None, "PreflightReturn");

    var httpResponse = new HttpResponseMessageProperty();
    reply.Properties.Add(HttpResponseMessageProperty.Name, httpResponse);

    httpResponse.SuppressEntityBody = true;
    httpResponse.StatusCode = HttpStatusCode.OK;
}

var httpHeader = reply.Properties["httpResponse"] as HttpResponseMessageProperty;
foreach (var item in requiredHeaders)
{
    httpHeader.Headers.Add(item.Key, item.Value);
}

这样做(我希望)是获取任何带有 OPTIONS 标记的请求并通过返回 200 状态码来处理它。这终于让它工作了，我希望它可以帮助别人!