1 
OPTIONS http://localhost:7514/Employees/testrestricted 401 (Unauthorized) angular.js:10419
OPTIONS http://localhost:7514/Employees/testrestricted Origin http://localhost:4064 is not allowed by Access-Control-Allow-Origin. angular.js:10419
XMLHttpRequest cannot load http://localhost:7514/Employees/testrestricted. Origin http://localhost:4064 is not allowed by Access-Control-Allow-Origin.

我已经有这样的 app.js 设置:

var app = angular.module('angular-auth-demo', ['http-auth-interceptor']);

app.config(['$routeProvider', '$httpProvider', function ($routeProvider, $httpProvider) {

    $httpProvider.defaults.useXDomain = true;
    delete $httpProvider.defaults.headers.common['X-Requested-With'];

    $routeProvider.
        when('/home', { templateUrl: 'partial-content.html', controller: 'ContentController' }).
        otherwise({ redirectTo: '/home' });
}]);

有没有办法找出这是否是 angular 或 asp.net mvc 上的错误,因为我在那端也有一个 cors 配置,但我认为浏览器实际上没有机会访问服务器?

4

3 回答 3

3

我在使用 Font Awesome 跨域时遇到了类似的问题 - 特别是使用 Firefox。

直接在您需要访问的资源中添加 web.config 为我解决了这个问题。

 <configuration>
    <system.webServer>
        <httpProtocol>
          <customHeaders>
            <add name="Access-Control-Allow-Origin" value="*" />
          </customHeaders>
       </httpProtocol>
   </system.webServer>
</configuration>
于 2013-06-21T01:14:55.927 回答
1

该请求正在到达服务器,因为服务器返回 401。请参阅 Chrome 开发工具或 Firebug 中的网络选项卡。假设您已经有了Access-Control-Allow-Origin标头,您可能需要指定Access-Control-Allow-Headers标头并添加Content-Type为它的值。也许发布您的 CORS 配置/代码?

于 2013-06-21T01:09:43.197 回答
0

以下解决方案适用于: http ://forums.asp.net/t/1885459.aspx

protected void Application_BeginRequest(object sender, EventArgs e)
        {
            if (this.Context.Request.Path.Contains("signalr/negotiate"))
            {
                this.Context.Response.AddHeader("Access-Control-Allow-Origin", "*");
                this.Context.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");
                this.Context.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST");
                this.Context.Response.AddHeader("Access-Control-Allow-Credentials", "true");
            }
        }
于 2013-09-30T10:56:03.227 回答