ServiceStack V4 Basic Auth 凭据错误 + CORS

Question

我试图为 ServiceStack V4 项目启用 CORS。我的插件配置如下：

 Plugins.Add(new CorsFeature(allowedHeaders:"Content-Type, Authorization"));

我还使用 HTTP 基本身份验证进行身份验证：

Plugins.Add(new AuthFeature(() => new AuthUserSession(),
                                        new IAuthProvider[]
                                        {
                                            new BasicAuthProvider(), //Sign-in with Basic Auth
                                            new CredentialsAuthProvider(), //HTML Form post of UserName/Password credentials
                                        }));

编辑

HTTP 请求（我正在使用基本身份验证发送无效凭据）

GET http://localhost:1337/channel/channel1/history HTTP/1.1 
User-Agent: Fiddler 
Origin: http://google.com 
Host: localhost:1337 
Authorization: Basic dXNlcjE6aW52YWxpZHBhc3M=

HTTP 响应（没有 CORS 标头）

HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ss-id=5JzRkMjA1eCcFhANnsWL; path=/; HttpOnly
Set-Cookie: ss-pid=UM738YinHoIl9hgQBf9o; expires=Sun, 20-May-2035 07:36:00 GMT; path=/; HttpOnly
X-SourceFiles: =?UTF-8?B?RDpcUHJvamVjdHNcV29ya1xPdmFsYXlcT3ZhbGF5XGNoYW5uZWxcY2hhbm5lbDFcaGlzdG9yeQ==?=
X-Powered-By: ASP.NET
Date: Wed, 20 May 2015 07:36:00 GMT
Content-Length: 1454

{<json body with error message goes here>}

在我尝试从客户端发送无效的用户凭据之前，一切正常。在这种情况下，CORS 标头被省略，浏览器无法访问响应消息。 我是否遗漏了一些配置细节？

Answer 1

我能够在 AppHost 中使用以下配置解决此问题：

UncaughtExceptionHandlers.Add((req, res, name, exception) =>
{
     //this is needed for inclusion of CORS headers in http error responses
     //(for example when invalid user credentials passed)
     res.ApplyGlobalResponseHeaders();
});