angular - 使用 Angular 访问 Sharepoint API CORS
问题描述
我会从 SharePoint API 获取数据。
当我攻击 API 时,我得到 CORS 访问错误。
这是我的服务。
public getResults() {
let url;
let mockUrl;
var headers = new HttpHeaders({
"Content-Type": "application/json",
"Access-Control-Allow-Credentials": "true",
"Access-Control-Allow-Origin": "*"
});
url ="https://my.sharepoint.api";
return this.httpClient
.get(url, headers)
}
从事这个项目的团队告诉我,他们正在使用其他 Angular 应用程序,他们不需要更改服务器配置(以允许 localhost 调用)
这是我得到的回应:
获取https://my.api.sharepoint 401(未经授权)
无法加载https://my.api.sharepoint:请求的资源上不存在“Access-Control-Allow-Origin”标头。因此,不允许访问源“ http://localhost:4200 ”。响应具有 HTTP 状态代码 401。
我该如何解决?
解决方案
您需要为 SharePoint 2013 启用跨域调用(这不适用于 SharePoint 2016)。
并将http://localhost:31699添加到信任站点,以便请求将使用当前用户凭据进行身份验证。
Add-PSSnapin Microsoft.SharePoint.PowerShell -EA 0
$localFarm = Get-SPFarm
$webapp = Get-SPWebApplication "http://sp:12001"
# Remove old web.config modifications of MyAuthenticationProvider
$oldMods = @();
$webapp.WebConfigModifications | ? { $_.Owner -eq "CrossSiteScripting" } | % {
$oldMods = $oldMods + $_
}
$oldMods | % {
$webapp.WebConfigModifications.Remove($_)
}
# update the Web Application and apply all existing web.config modifications - this executes the "remove" actions from above
$webapp.Update()
[Microsoft.SharePoint.Administration.SPWebService]::ContentService.ApplyWebConfigModifications()
#Wait until web.config modifications finished by timer job
while( (Get-SPTimerJob | ? { $_.Name -eq "job-webconfig-modification"}) -ne $null ) {
Write-Host "." -NoNewline
Start-Sleep 1
}
# New web.config modifications for MyAuthenticationProvider
$myModification1 = new-object Microsoft.SharePoint.Administration.SPWebConfigModification
$myModification1.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$myModification1.Name = "add[@name='Access-Control-Allow-Origin'][@value='http://localhost:31699']"
$myModification1.Sequence = 0
$myModification1.Owner = "CrossSiteScripting"
#0 = for the enum value "SPWebConfigModification.SPWebConfigModificationType.EnsureChildNode"
$myModification1.Type = 0
$myModification1.Value = "<add name='Access-Control-Allow-Origin' value='http://localhost:31699' />"
$webapp.WebConfigModifications.Add($myModification1)
$myModification1 = new-object Microsoft.SharePoint.Administration.SPWebConfigModification
$myModification1.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$myModification1.Name = "add[@name='Access-Control-Request-Method'][@value='GET,POST,HEAD,OPTIONS']"
$myModification1.Sequence = 0
$myModification1.Owner = "CrossSiteScripting"
$myModification1.Type = 0
$myModification1.Value = "<add name='Access-Control-Request-Method' value='GET,POST,HEAD,OPTIONS' />"
$webapp.WebConfigModifications.Add($myModification1)
$myModification1 = new-object Microsoft.SharePoint.Administration.SPWebConfigModification
$myModification1.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$myModification1.Name = "add[@name='Access-Control-Request-Headers'][@value='Content-Type,Authorization']"
$myModification1.Sequence = 0
$myModification1.Owner = "CrossSiteScripting"
$myModification1.Type = 0
$myModification1.Value = "<add name='Access-Control-Request-Headers' value='Content-Type,Authorization' />"
$webapp.WebConfigModifications.Add($myModification1)
$myModification1 = new-object Microsoft.SharePoint.Administration.SPWebConfigModification
$myModification1.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$myModification1.Name = "add[@name='Access-Control-Allow-Credentials'][@value='true']"
$myModification1.Sequence = 0
$myModification1.Owner = "CrossSiteScripting"
$myModification1.Type = 0
$myModification1.Value = "<add name='Access-Control-Allow-Credentials' value='true' />"
$webapp.WebConfigModifications.Add($myModification1)
$webapp.Update()
[Microsoft.SharePoint.Administration.SPWebService]::ContentService.ApplyWebConfigModifications()
#Wait until web.config modifications finished by timer job
while( (Get-SPTimerJob | ? { $_.Name -eq "job-webconfig-modification"}) -ne $null ) {
Write-Host "." -NoNewline
Start-Sleep 1
}
推荐阅读
- swagger - 将“条目”字段添加到组件的属性会破坏编译器
- android - 更改设备名称后多次启动外设广告
- python - Python 3 - 解析 .json
- deno - Deno - 将 TypeScript 导入 JS 文件
- python - 使用 mozilla/TTS 是否可以使用其他预训练的模型声音?
- c - 处理任何文件输入/输出时出现分段错误
- javascript - Firebase 和 JavaScript 安全问题?
- python - 根据课程ID更新django中的布尔值状态
- python - python flask wtf形式从函数返回值
- sql - 如何将左连接与第二个选择语句一起使用?