在 Sharepoint 2013 中启用 CORS
Posted
技术标签:
【中文标题】在 Sharepoint 2013 中启用 CORS【英文标题】:Enable CORS in Sharepoint 2013 【发布时间】:2016-01-26 20:26:14 【问题描述】:我需要从/到各种 Sharepoint 域进行 CORS,当然还要处理 OPTIONS 预检请求。 经过大量研究,我发现this 解决方案(几乎)是最适合我的需求。 修改 global.asax 让您可以处理多个域并传递凭据,以及 OPTIONS 预检请求。
不好的一面是,按照建议应用后,您无法再登录Sharepoint Designer。
我修改 global.asax 如下,CORS 可以,但是 Sharepoint Designer 没有。
public void Application_BeginRequest(object sender, EventArgs e)
string httpOrigin = Request.Params["HTTP_ORIGIN"];
if (httpOrigin != null)
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", httpOrigin);
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-RequestDigest");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true");
if (Request.HttpMethod == "OPTIONS")
HttpContext.Current.Response.StatusCode = 200;
var httpApplication = sender as HttpApplication;
httpApplication.CompleteRequest();
我与 Fiddler 一起阅读了 Sharepoint Designer 所做的请求,并且没有标题“Origin”,所以我不知道它在哪里失败。 当我尝试登录 Sharepoint Designer 时,我总是收到 401 作为响应。
有人知道如何解决吗?谢谢
【问题讨论】:
【参考方案1】:您可以如下更改您的条件。效果很好。
protected void Application_BeginRequest(Object sender, EventArgs e)
HttpContext InRequest = HttpContext.Current;
string OldPath = InRequest.Request.Path.ToLower();
if (OldPath.Contains("myservice.svc"))
string httpOrigin = Request.Params["HTTP_ORIGIN"];
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", httpOrigin);
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers",
"Origin, X-Requested-With, Content-Type, Accept, X-Token");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true");
if (Request.HttpMethod == "OPTIONS")
HttpContext.Current.Response.StatusCode = 200;
var httpApplication = sender as HttpApplication;
httpApplication.CompleteRequest();
【讨论】:
【参考方案2】:您是否尝试过更改 IIS 根目录下的 web.config?
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
http://enable-cors.org/server_iis7.html
【讨论】:
【参考方案3】:这确实是网络配置修改,但要让它工作,我必须使用 SPWebConfigModification 类
$webApp = Get-SPWebApplication http://myurl/
$modification = New-Object Microsoft.SharePoint.Administration.SPWebConfigModification
$modification.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$modification.Name = "add[@name=`"Access-Control-Allow-Origin`"][@value=`"http://theirurl`"]"
$modification.Value = "<add name=`"Access-Control-Allow-Origin`" value=`"http://theirurl`" />"
$modification.Owner = “Administrator”
$modification.Sequence = 0
$modification.Type = 0
if (($webapp.WebConfigModifications | where-object $_.Name -eq $modification.Name | measure).Count -eq 0)
Write-Host "Adding " $modification.Name
$webApp.WebConfigModifications.Add($modification)
else
Write-Host $modification.Name already added
$webApp.Update()
$webApp.WebConfigModifications
$webApp.Parent.ApplyWebConfigModifications()
【讨论】:
以上是关于在 Sharepoint 2013 中启用 CORS的主要内容,如果未能解决你的问题,请参考以下文章
powershell 这将在SharePoint 2013中创建新文档集。您必须启用内容类型。以下示例使用文档集名称“T
BEGINNING SHAREPOINT® 2013 DEVELOPMENT 第13章节--使用业务连接服务创建业务线解决方式 创建启用BCS的业务解决方式