admin管理员组文章数量:1335444
I need to make CORS from/to various Sharepoint domains, and of course handle the OPTIONS preflight request. After a lot of research I found that this solution is (almost) the best for my needs. Modify global.asax let you handle more than one domain with credentials passed, and the OPTIONS preflight request.
The bad side is that after applying it as suggested, you can't login in Sharepoint Designer anymore.
I modified global.asax as below, CORS are ok, but Sharepoint Designer no.
public void Application_BeginRequest(object sender, EventArgs e)
{
string httpOrigin = Request.Params["HTTP_ORIGIN"];
if (httpOrigin != null)
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", httpOrigin);
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-RequestDigest");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true");
if (Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.StatusCode = 200;
var httpApplication = sender as HttpApplication;
httpApplication.CompleteRequest();
}
}
}
I read with Fiddler the request that Sharepoint Designer does and there's not the header 'Origin' so I don't know where's it fails. When I try to login in Sharepoint Designer, I get always 401 as response.
Is there someone that knows how to resolve? Thanks
I need to make CORS from/to various Sharepoint domains, and of course handle the OPTIONS preflight request. After a lot of research I found that this solution is (almost) the best for my needs. Modify global.asax let you handle more than one domain with credentials passed, and the OPTIONS preflight request.
The bad side is that after applying it as suggested, you can't login in Sharepoint Designer anymore.
I modified global.asax as below, CORS are ok, but Sharepoint Designer no.
public void Application_BeginRequest(object sender, EventArgs e)
{
string httpOrigin = Request.Params["HTTP_ORIGIN"];
if (httpOrigin != null)
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", httpOrigin);
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-RequestDigest");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true");
if (Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.StatusCode = 200;
var httpApplication = sender as HttpApplication;
httpApplication.CompleteRequest();
}
}
}
I read with Fiddler the request that Sharepoint Designer does and there's not the header 'Origin' so I don't know where's it fails. When I try to login in Sharepoint Designer, I get always 401 as response.
Is there someone that knows how to resolve? Thanks
Share Improve this question edited May 23, 2017 at 12:34 CommunityBot 11 silver badge asked Oct 27, 2015 at 12:15 SpeederSpeeder 111 gold badge1 silver badge4 bronze badges3 Answers
Reset to default 2You can change your condition as below. It works well.
protected void Application_BeginRequest(Object sender, EventArgs e)
{
HttpContext InRequest = HttpContext.Current;
string OldPath = InRequest.Request.Path.ToLower();
if (OldPath.Contains("myservice.svc"))
{
string httpOrigin = Request.Params["HTTP_ORIGIN"];
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", httpOrigin);
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers",
"Origin, X-Requested-With, Content-Type, Accept, X-Token");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true");
if (Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.StatusCode = 200;
var httpApplication = sender as HttpApplication;
httpApplication.CompleteRequest();
}
}
}
Have you tried changing web.config at your IIS' root?
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
http://enable-cors/server_iis7.html
It's indeed web config modifications but to get this to work i had to use SPWebConfigModification class
$webApp = Get-SPWebApplication http://myurl/
$modification = New-Object Microsoft.SharePoint.Administration.SPWebConfigModification
$modification.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$modification.Name = "add[@name=`"Access-Control-Allow-Origin`"][@value=`"http://theirurl`"]"
$modification.Value = "<add name=`"Access-Control-Allow-Origin`" value=`"http://theirurl`" />"
$modification.Owner = “Administrator”
$modification.Sequence = 0
$modification.Type = 0
if (($webapp.WebConfigModifications | where-object { $_.Name -eq $modification.Name } | measure).Count -eq 0) {
Write-Host "Adding " $modification.Name
$webApp.WebConfigModifications.Add($modification)
}
else {
Write-Host $modification.Name already added
}
$webApp.Update()
$webApp.WebConfigModifications
$webApp.Parent.ApplyWebConfigModifications()
本文标签: javascriptEnable CORS in Sharepoint 2013Stack Overflow
版权声明:本文标题:javascript - Enable CORS in Sharepoint 2013 - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742378028a2463557.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论