3

我正在尝试使 CORS 请求正常工作,但是在已部署的服务器上运行它时遇到了问题

我正在使用thinktecture 身份模型来设置我的 CORS,它在 IIS-express 的本地实例上运行时运行良好,但在站点的正确 IIS 7.5 版本上失败。


这是本地版本,完美运行

OPTIONS http://local.api.mysite.org:57339/api/search HTTP/1.1
Host: local.api.mysite.org:57339
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://local.mysite.org:62747
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.76 Safari/537.36
Access-Control-Request-Headers: accept, origin, content-type
Accept: */*
Referer: http://local.mysite.org:62747/search
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

=======

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.0
Access-Control-Allow-Origin: http://local.mysite.org:62747
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept,origin,content-type
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcR2l0XGxpdmVzLWRldmVsb3BcQnJpZ2h0U29saWQuTGl2ZXMuV2ViQXBpXGFwaVxzZWFyY2g=?=
X-Powered-By: ASP.NET
Date: Tue, 01 Oct 2013 21:28:06 GMT
Content-Length: 0

这是已部署的版本并且失败了

OPTIONS http://betatest.api.mysite.org/api/search HTTP/1.1
Host: betatest.api.mysite.org
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://betatest.mysite.org
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.76 Safari/537.36
Access-Control-Request-Headers: accept, origin, content-type
Accept: */*
Referer: http://betatest.mysite.org/search
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

=======

HTTP/1.1 200 OK
Allow: OPTIONS, TRACE, GET, HEAD, POST
Server: Microsoft-IIS/7.5
Public: OPTIONS, TRACE, GET, HEAD, POST
X-Powered-By: ASP.NET
Date: Tue, 01 Oct 2013 21:31:24 GMT
Content-Length: 0

GETS 在已部署的实例上工作正常,但在 POSTS 上却不行。

IISExpress 和 IIS7.5 之间的 OPTIONS 预检响应似乎不同

我试过清理缓存,但这并没有什么不同。

4

1 回答 1

2

听起来生产服务器上的 WebDAV 可能正在劫持 OPTIONS 请求。这篇博文展示了如何为应用程序禁用 WebDAV:

http://brockallen.com/2012/10/18/cors-iis-and-webdav/

于 2013-10-01T23:10:24.847 回答