IIS中的CORS发出访问控制允许原产地中的凭据和通配符
IIS中的CORS发出访问控制允许原产地中的凭据和通配符
提问于 2017-02-03 19:44:03
我继承了一个相当基本的站点,它为数据提供服务并处理一些套接字连接。它使用iisnode作为桥在IIS后面运行NodeJS。从“正常页面服务”的角度来看,这一切都很好。
部分问题是,与服务器的实际连接来自桌面客户端,其中的内容是通过不同的应用程序作为小工具加载的,以及来自网络、移动设备等可能发生变化和变化的部分,即数量未知的客户端域。
我已经设置了Access-Control-允许原点*只打开谷仓门,但现在客户端出现了以下错误:
11:29:57.668跨源请求被阻止:相同的原产地策略不允许在“http://server/socket.io/?EIO=3&transport=polling&t=1486150196479-0”中读取远程资源。(原因:如果CORS头“访问-控制-允许-原产地”为“*”,则不支持凭据)。1(未知)
我试图将访问控制允许凭据显式设置为false (以及true,以及将其完全排除在外),但我的任何尝试都不允许我通过此操作。
原始响应头当前如下所示:
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Origin,Content-Type,Accept
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Length: 969
Content-Type: text/html
Date: Fri, 03 Feb 2017 19:30:21 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-Powered-By: ASP.NET在过去几天看了很多CORS网站和文章之后,我似乎无法理清为什么它仍然在抱怨凭证--更确切地说,我该如何解决这个问题呢?
谢谢!
更新2017-02-06
客户端代码并不令人非常兴奋。由于服务器是IIS后面的NodeJS,所以我真正要做的就是实现套接字连接:
var socket = io('http://' + currentServer, {path: '/broadcast/socket.io', reconnection: false, forceNew: true});
socket.on('update message', function (data) {
// do some fancy things
}这是在同一域中工作的。
我还根据sideshowbarker的评论做了更多的调查,这些评论使我想到了这个文章,还有一些额外的步骤可以添加变量,还有一些其他的东西可以让这个部分正常工作。
我的applicationHost.config当前包含以下部分:
<location path="Default Web Site">
<system.webServer>
<rewrite>
<allowedServerVariables>
<add name="CAPTURED_ORIGIN" />
<add name="RESPONSE_Access-Control-Allow-Origin" />
</allowedServerVariables>
</rewrite>
</system.webServer>
</location>我的web.config在这里:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Fail bad requests">
<match url="." />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="localhost" />
</conditions>
<action type="AbortRequest" />
</rule>
<rule name="Capture Origin Header">
<match url=".*" />
<conditions>
<add input="{HTTP_ORIGIN}" pattern=".+" />
</conditions>
<serverVariables>
<set name="CAPTURED_ORIGIN" value="{C:0}" />
</serverVariables>
<action type="None" />
</rule>
</rules>
<outboundRules>
<rule name="Set-Access-Control-Allow-Origin for known origins">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern=".+" negate="true" />
<!--<action type="Rewrite" value="{C:0}" /> -->
</rule>
</outboundRules>
</rewrite>
<tracing>
<traceFailedRequests>
<add path="*">
<traceAreas>
<add provider="ASP" verbosity="Verbose" />
<add provider="ASPNET" areas="Infrastructure,Module,Page,AppServices" verbosity="Verbose" />
<add provider="ISAPI Extension" verbosity="Verbose" />
<add provider="WWW Server" areas="Authentication,Security,Filter,StaticFile,CGI,Compression,Cache,RequestNotifications,Module,FastCGI,WebSocket" verbosity="Verbose" />
</traceAreas>
<failureDefinitions statusCodes="400-599" />
</add>
</traceFailedRequests>
</tracing>
</system.webServer>
</configuration>在outboundRules上,我现在让动作type=“重写”行注释掉了,因为当我启用它时,它会抛出一个错误。
HTTP Error 500.52 - URL Rewrite Module Error.
The page cannot be displayed because an internal server error has occurred.
Most likely causes:
•IIS received the request; however, an internal error occurred during the processing of the request. The root cause of this error depends on which module handles the request and what was happening in the worker process when this error occurred.
•IIS was not able to access the web.config file for the Web site or application. This can occur if the NTFS permissions are set incorrectly.
•IIS was not able to process configuration for the Web site or application.
•The authenticated user does not have permission to use this DLL.
•The request is mapped to a managed handler but the .NET Extensibility Feature is not installed.
Detailed Error Information:
Module: RewriteModule
Notification: SendResponse
Handler: StaticFile
Error Code: 0x80070585
Requested URL: http://localhost:80/iisstart.htm
Physical Path: C:\inetpub\wwwroot\iisstart.htm
Logon Method: Anonymous
Logon User: Anonymous
Request Tracing Directory: C:\inetpub\logs\FailedReqLogFiles 失败的请求日志并没有太大帮助,它们为警告显示了以下内容:
411. -MODULE_SET_RESPONSE_ERROR_STATUS
ModuleName: RewriteModule
Notification: SEND_RESPONSE
HttpStatus: 500
HttpReason: URL Rewrite Module Error.
HttpSubStatus: 52
ErrorCode: Invalid index. (0x80070585)
ConfigExceptionInfo: 页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/42031885
复制相关文章
相似问题
腾讯云开发者
