利用asp.net core 3.1 开发了一个webapi,部署在IIS时,出现如下错误:
Access to fetch at 'XXXXX' from origin 'http://xxxxxxx:xxxx' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
在Startup.cs 的ConfigureServices和Configure都进行了跨域设置,具体的设置,微软官方文档说明的比较详细。
https://docs.microsoft.com/zh-cn/aspnet/core/security/cors?view=aspnetcore-3.1
部署在IIS依然有跨域问题,还是在上面微软官方文档里面找到了解决办法:需要安装IIS Cors跨域模块。
程序内部异常或错误也会报出跨域的问题。