【问题标题】:Enable CORS in Sharepoint 2013在 Sharepoint 2013 中启用 CORS
【发布时间】:2016-01-26 20:26:14
【问题描述】:

我需要从/到各种 Sharepoint 域进行 CORS,当然还要处理 OPTIONS 预检请求。 经过大量研究,我发现this 解决方案(几乎)是最适合我的需求。 修改 global.asax 让您可以处理多个域并传递凭据,以及 OPTIONS 预检请求。

不好的一面是,按照建议应用后,您无法再登录Sharepoint Designer。

我修改 global.asax 如下,CORS 可以,但是 Sharepoint Designer 没有。

public void Application_BeginRequest(object sender, EventArgs e) 
{
string httpOrigin = Request.Params["HTTP_ORIGIN"];
if (httpOrigin != null) 
{   
    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", httpOrigin);
    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-RequestDigest");
    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true");

    if (Request.HttpMethod == "OPTIONS")
    {
        HttpContext.Current.Response.StatusCode = 200;
        var httpApplication = sender as HttpApplication;
        httpApplication.CompleteRequest();
    }
}    
}

我与 Fiddler 一起阅读了 Sharepoint Designer 所做的请求,并且没有标题“Origin”,所以我不知道它在哪里失败。 当我尝试登录 Sharepoint Designer 时,我总是收到 401 作为响应。

有人知道如何解决吗?谢谢

【问题讨论】:

    标签: javascript sharepoint cors sharepoint-designer global-asax


    【解决方案1】:

    您可以如下更改您的条件。效果很好。

        protected void Application_BeginRequest(Object sender, EventArgs e)
        {
    
            HttpContext InRequest = HttpContext.Current;
    
            string OldPath = InRequest.Request.Path.ToLower();
    
            if (OldPath.Contains("myservice.svc"))
            {
    
                string httpOrigin = Request.Params["HTTP_ORIGIN"];
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", httpOrigin);
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods",
                    "GET, POST, PUT, DELETE, OPTIONS");
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers",
                    "Origin, X-Requested-With, Content-Type, Accept, X-Token");
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true");
    
                if (Request.HttpMethod == "OPTIONS")
                {
                    HttpContext.Current.Response.StatusCode = 200;
                    var httpApplication = sender as HttpApplication;
                    httpApplication.CompleteRequest();
                }
            }
    
        }
    

    【讨论】:

      【解决方案2】:

      您是否尝试过更改 IIS 根目录下的 web.config?

      <?xml version="1.0" encoding="utf-8"?>
      <configuration>
       <system.webServer>
         <httpProtocol>
          <customHeaders>
            <add name="Access-Control-Allow-Origin" value="*" />
          </customHeaders>
         </httpProtocol>
       </system.webServer>
      </configuration>
      

      http://enable-cors.org/server_iis7.html

      【讨论】:

        【解决方案3】:

        这确实是网络配置修改,但要让它工作,我必须使用 SPWebConfigModification

        $webApp = Get-SPWebApplication http://myurl/
        $modification = New-Object Microsoft.SharePoint.Administration.SPWebConfigModification
        $modification.Path = "configuration/system.webServer/httpProtocol/customHeaders"
        $modification.Name = "add[@name=`"Access-Control-Allow-Origin`"][@value=`"http://theirurl`"]"
        $modification.Value = "<add name=`"Access-Control-Allow-Origin`" value=`"http://theirurl`" />"
        $modification.Owner = “Administrator”
        $modification.Sequence = 0
        $modification.Type = 0
        
        if (($webapp.WebConfigModifications | where-object { $_.Name -eq $modification.Name } | measure).Count -eq 0) {
            Write-Host "Adding " $modification.Name
            $webApp.WebConfigModifications.Add($modification)    
        }
        else {
            Write-Host $modification.Name already added
        }
        $webApp.Update()
        $webApp.WebConfigModifications
        $webApp.Parent.ApplyWebConfigModifications()
        

        【讨论】:

          猜你喜欢
          • 2020-01-13
          • 2014-01-26
          • 1970-01-01
          • 2013-06-04
          • 1970-01-01
          • 1970-01-01
          • 2018-11-04
          • 1970-01-01
          • 1970-01-01
          相关资源
          最近更新 更多