/// <summary>
/// on action executing...
/// </summary>
/// <param name="filterContext"></param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (HasOrigin(filterContext))
{
var corsPolicy = _policy ?? InternalCorsPolicyManager.GetPolicy(_policyName) ?? InternalCorsPolicyManager.GetDefaultPolicy();
var context = filterContext.RequestContext.HttpContext;
if (corsPolicy != null &&
(!CorsCoreHelper.DoesPolicyContainsMatchingRule(corsPolicy) ||
(CorsCoreHelper.DoesPolicyContainsMatchingRule(corsPolicy) && CorsCoreHelper.IsMatchedIgnoreRule(context, corsPolicy))))
{
var corsResult = CorsCoreHelper.EvaluatePolicy(context, corsPolicy);
CorsCoreHelper.ApplyResult(corsResult, context.Response);
var accessControlRequestMethod = context.Request.Headers[CorsConstants.AccessControlRequestMethod];
if (string.Equals(context.Request.HttpMethod, CorsConstants.PreflightHttpMethod, StringComparison.OrdinalIgnoreCase) &&
!string.IsNullOrEmpty(accessControlRequestMethod))
{
context.Response.StatusCode = new HttpStatusCodeResult(HttpStatusCode.NoContent).StatusCode;
return;
}
}
}
base.OnActionExecuting(filterContext);
}
public static void WithCors(this NancyContext context, CorsPolicy policy)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
if (policy != null && HasOrigin(context))
{
if (!CorsCoreHelper.DoesPolicyContainsMatchingRule(policy) ||
CorsCoreHelper.DoesPolicyContainsMatchingRule(policy) && CorsCoreHelper.IsMatchedIgnoreRule(context, policy))
{
var corsResult = CorsCoreHelper.EvaluatePolicy(context, policy);
CorsCoreHelper.ApplyResult(corsResult, context.Response);
var accessControlRequestMethod = context.Request.Headers[CorsConstants.AccessControlRequestMethod]?.FirstOrDefault();
if (string.Equals(context.Request.Method, CorsConstants.PreflightHttpMethod,
StringComparison.OrdinalIgnoreCase) &&
!string.IsNullOrEmpty(accessControlRequestMethod))
{
context.Response.StatusCode = HttpStatusCode.NoContent;
}
}
}
}
/// <summary>
/// 全局使用 CORS
/// </summary>
/// <param name="filters"></param>
/// <param name="optionsAction"></param>
/// <returns></returns>
public static GlobalFilterCollection AddCorsFilter(this GlobalFilterCollection filters, Action <CorsOptions> optionsAction)
{
if (filters == null)
{
throw new ArgumentNullException(nameof(filters));
}
var options = new CorsOptions();
optionsAction?.Invoke(options);
CorsCoreHelper.Init(options);
if (Internal.InternalCorsPolicyManager.EnableGlobalCors)
{
filters.Add(new CorsAttribute(Internal.InternalCorsPolicyManager.GlobalCorsPolicyName));
}
return(filters);
}
/// <summary>
/// Use cors module
/// </summary>
/// <param name="pipelines"></param>
/// <param name="optionsAction"></param>
/// <returns></returns>
public static IPipelines UseCors(this IPipelines pipelines, Action <CorsOptions> optionsAction)
{
if (pipelines == null)
{
throw new ArgumentNullException(nameof(pipelines));
}
var options = new CorsOptions();
optionsAction?.Invoke(options);
InternalCorsPolicyManager.SetPolicyMap(options);
pipelines.AfterRequest.AddItemToEndOfPipeline(ctx =>
{
if (InternalCorsPolicyManager.EnableGlobalCors /*&& HasOrigin(ctx)*/)
{
var corsPolicy =
InternalCorsPolicyManager.GetPolicy(InternalCorsPolicyManager.GlobalCorsPolicyName) ??
InternalCorsPolicyManager.GetDefaultPolicy();
if (corsPolicy != null &&
(!CorsCoreHelper.DoesPolicyContainsMatchingRule(corsPolicy) ||
(CorsCoreHelper.DoesPolicyContainsMatchingRule(corsPolicy) && CorsCoreHelper.IsMatchedIgnoreRule(ctx, corsPolicy))))
{
var corsResult = CorsCoreHelper.EvaluatePolicy(ctx, corsPolicy);
CorsCoreHelper.ApplyResult(corsResult, ctx.Response);
var accessControlRequestMethod = ctx.Request.Headers[CorsConstants.AccessControlRequestMethod]?.FirstOrDefault();
if (string.Equals(ctx.Request.Method, CorsConstants.PreflightHttpMethod, StringComparison.OrdinalIgnoreCase) &&
!string.IsNullOrEmpty(accessControlRequestMethod))
{
ctx.Response.StatusCode = HttpStatusCode.NoContent;
}
}
}
//return null;
});
return(pipelines);
}