You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

88 lines
86 KiB
HTML

1 year ago
<!doctype html>
<html lang="en" dir="ltr" class="docs-wrapper plugin-docs plugin-id-default docs-version-current docs-doc-page docs-doc-id-cors" data-has-hydrated="false">
<head>
<meta charset="UTF-8">
<meta name="generator" content="Docusaurus v3.0.0">
<title data-rh="true">16. CORS 跨域 | Furion</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="http://furion.baiqian.ltd/docs/cors"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="16. CORS 跨域 | Furion"><meta data-rh="true" name="description" content="16.1 什么是跨域"><meta data-rh="true" property="og:description" content="16.1 什么是跨域"><link data-rh="true" rel="icon" href="/img/favicon.ico"><link data-rh="true" rel="canonical" href="http://furion.baiqian.ltd/docs/cors"><link data-rh="true" rel="alternate" href="http://furion.baiqian.ltd/docs/cors" hreflang="en"><link data-rh="true" rel="alternate" href="http://furion.baiqian.ltd/docs/cors" hreflang="x-default"><link rel="alternate" type="application/rss+xml" href="/blog/rss.xml" title="Furion RSS Feed">
<link rel="alternate" type="application/atom+xml" href="/blog/atom.xml" title="Furion Atom Feed"><link rel="stylesheet" href="/assets/css/styles.3f87a095.css">
<script src="/assets/js/runtime~main.89709a83.js" defer="defer"></script>
<script src="/assets/js/main.10e5dc01.js" defer="defer"></script>
</head>
<body class="navigation-with-keyboard">
<script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){try{return new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}}()||function(){try{return localStorage.getItem("theme")}catch(t){}}();t(null!==e?e:"light")}(),function(){try{const a=new URLSearchParams(window.location.search).entries();for(var[t,e]of a)if(t.startsWith("docusaurus-data-")){var n=t.replace("docusaurus-data-","data-");document.documentElement.setAttribute(n,e)}}catch(t){}}(),document.documentElement.setAttribute("data-announcement-bar-initially-dismissed",function(){try{return"true"===localStorage.getItem("docusaurus.announcement.dismiss")}catch(t){}return!1}())</script><div id="__docusaurus"><div class="floatbar_hUWl"><div class="qrcode_sWwE"><img title="微信扫码关注 Furion 官方公众号" src="/img/weixin_qrcode.jpg" style="display:block"><div>❤️ 关注 Furion 微信公众号有惊喜哦!</div></div><div style="display:flex;flex-direction:row-reverse;align-items:flex-start"><div class="title_SD0k">🫠 遇到问题了</div><div class="extend__5i1"><a class="item_Y35a" href="/docs/subscribe"><div style="flex:1"><div class="itemTitle_If_T">⭐️ VIP 服务 ⭐️</div><div class="itemDesc_dp7r">仅需 499 元/年,尊享 365 天项目无忧</div></div><div class="jiantou_mV_o"></div></a><div class="item_Y35a"><div style="flex:1"><div class="itemTitle_If_T">问题反馈</div><div class="itemDesc_dp7r">到 Furion 开源仓库反馈</div></div><div class="jiantou_mV_o"></div></div></div></div></div><div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><div class="announcementBar_mb4j" style="background-color:#4623d9;color:yellow" role="banner"><div class="content_knG7 announcementBarContent_xLdY">⭐️ 开通 VIP 服务仅需 499 元/年,尊享 365 天项目无忧 <a href="/docs/subscribe" style="background-color:rgb(199, 29, 36);color:#ffffff;padding:1px 10px;border-radius:3px;text-decoration:none;display:inline-block;margin:0 5px;font-size:12px;cursor:pointer;">立即开通</a>⭐️</div></div><nav aria-label="Main" class="navbar navbar--fixed-top navbarHideable_m1mJ"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a class="navbar__brand" href="/"><div class="navbar__logo"><img src="/img/furionlogo.png" alt="Furion Logo" class="themedComponent_mlkZ themedComponent--light_NVdE"><img src="/img/furionlogo.png" alt="Furion Logo" class="themedComponent_mlkZ themedComponent--dark_xIcU"></div><b class="navbar__title text--truncate">Furion</b></a><a aria-current="page" class="navbar__item navbar__link navbar__link--active" href="/docs/category/appendix">文档</a><a class="navbar__item navbar__link" href="/docs/global/app">静态类</a><a class="navbar__item navbar__link" href="/docs/settings/appsettings">配置</a><a class="navbar__item navbar__link" href="/blog">博客</a><div class="navbar__item dropdown dropdown--hoverable"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">更新日志</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/docs/upgrade">📝 查看日志v4.9.1.7</a></li><li><a class="dropdown__link" href="/docs/target">🚀 路线图</a></li></ul></div><a href="http://furion.baiqian.ltd/api/api" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link">API<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></div><div class="navbar__items navbar__it
<p>简单来说,当一个请求 <code>url</code> 的协议、域名、端口三者之间任意一个与当前页面 <code>url</code> 不同即为跨域。那为什么会出现跨域问题呢?</p>
<p>出于浏览器的同源策略限制。同源策略Sameoriginpolicy是一种约定它是浏览器最核心也最基本的安全功能如果缺少了同源策略则浏览器的正常功能可能都会受到影响。可以说 <code>Web</code> 是构建在同源策略基础之上的,浏览器只是针对同源策略的一种实现。同源策略会阻止一个域的 javascript 脚本和另外一个域的内容进行交互。所谓同源即指在同一个域就是两个页面具有相同的协议protocol主机host和端口号port</p>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="162-有跨域行为示例">16.2 有跨域行为示例<a href="#162-有跨域行为示例" class="hash-link" aria-label="Direct link to 16.2 有跨域行为示例" title="Direct link to 16.2 有跨域行为示例"></a></h2>
<table><thead><tr><th>当前页面 url</th><th>被请求页面 url</th><th>是否跨域</th><th>原因</th></tr></thead><tbody><tr><td><a href="http://www.baiqian.ltd/" target="_blank" rel="noopener noreferrer">http://www.baiqian.ltd/</a></td><td><a href="http://www.baiqian.ltd/index.html" target="_blank" rel="noopener noreferrer">http://www.baiqian.ltd/index.html</a></td><td></td><td>同源(协议、域名、端口号相同)</td></tr><tr><td><a href="http://www.baiqian.ltd/" target="_blank" rel="noopener noreferrer">http://www.baiqian.ltd/</a></td><td><a href="https://www.baiqian.ltd/index.html" target="_blank" rel="noopener noreferrer">https://www.baiqian.ltd/index.html</a></td><td>跨域</td><td>协议不同http/https</td></tr><tr><td><a href="http://www.baiqian.ltd/" target="_blank" rel="noopener noreferrer">http://www.baiqian.ltd/</a></td><td><a href="http://www.baidu.com/" target="_blank" rel="noopener noreferrer">http://www.baidu.com/</a></td><td>跨域</td><td>主域名不同baiqian.ltd/baidu.com</td></tr><tr><td><a href="http://furion.baiqian.ltd/" target="_blank" rel="noopener noreferrer">http://furion.baiqian.ltd/</a></td><td><a href="http://fur.baiqian.ltd/" target="_blank" rel="noopener noreferrer">http://fur.baiqian.ltd/</a></td><td>跨域</td><td>子域名不同furion/fur</td></tr><tr><td><a href="http://www.baiqian.ltd:8080/" target="_blank" rel="noopener noreferrer">http://www.baiqian.ltd:8080/</a></td><td><a href="http://www.baiqian.ltd:7001/" target="_blank" rel="noopener noreferrer">http://www.baiqian.ltd:7001/</a></td><td>跨域</td><td>端口号不同8080/7001</td></tr></tbody></table>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="163-什么是-cors">16.3 什么是 CORS<a href="#163-什么是-cors" class="hash-link" aria-label="Direct link to 16.3 什么是 CORS" title="Direct link to 16.3 什么是 CORS"></a></h2>
<p>跨源资源共享 (<code>CORS</code>) </p>
<ul>
<li>是一种 <code>W3C</code> 标准,可让服务器放宽相同的源策略。</li>
<li>不是一项安全功能,<code>CORS</code> 放宽 <code>security</code><code>API</code> 不能通过允许 <code>CORS</code> 来更安全。 有关详细信息,请参阅 <a href="https://docs.microsoft.com/zh-cn/aspnet/core/security/cors?view=aspnetcore-5.0#how-cors" target="_blank" rel="noopener noreferrer">CORS 工作原理</a></li>
<li>允许服务器明确允许一些跨源请求,同时拒绝其他请求。</li>
<li>比早期的技术(如 <code>JSONP</code>)更安全且更灵活。</li>
</ul>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="164-如何使用">16.4 如何使用<a href="#164-如何使用" class="hash-link" aria-label="Direct link to 16.4 如何使用" title="Direct link to 16.4 如何使用"></a></h2>
<h3 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="1641-添加-cors-服务">16.4.1 添加 <code>CORS</code> 服务<a href="#1641-添加-cors-服务" class="hash-link" aria-label="Direct link to 1641-添加-cors-服务" title="Direct link to 1641-添加-cors-服务"></a></h3>
<p>启用跨域 <code>Cors</code> 支持首先添加 <code>CorsAccessor</code> 服务,如:</p>
<div class="language-cs codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#bfc7d5;--prism-background-color:#292d3e"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-cs codeBlock_bY9V thin-scrollbar" style="color:#bfc7d5;background-color:#292d3e"><code class="codeBlockLines_e6Vv codeBlockLinesWithNumbering_o6Pm"><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token keyword" style="font-style:italic">using</span><span class="token plain"> </span><span class="token namespace" style="color:rgb(178, 204, 214)">Microsoft</span><span class="token namespace punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token namespace" style="color:rgb(178, 204, 214)">AspNetCore</span><span class="token namespace punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token namespace" style="color:rgb(178, 204, 214)">Builder</span><span class="token punctuation" style="color:rgb(199, 146, 234)">;</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"></span><span class="token keyword" style="font-style:italic">using</span><span class="token plain"> </span><span class="token namespace" style="color:rgb(178, 204, 214)">Microsoft</span><span class="token namespace punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token namespace" style="color:rgb(178, 204, 214)">AspNetCore</span><span class="token namespace punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token namespace" style="color:rgb(178, 204, 214)">Hosting</span><span class="token punctuation" style="color:rgb(199, 146, 234)">;</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"></span><span class="token keyword" style="font-style:italic">using</span><span class="token plain"> </span><span class="token namespace" style="color:rgb(178, 204, 214)">Microsoft</span><span class="token namespace punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token namespace" style="color:rgb(178, 204, 214)">Extensions</span><span class="token namespace punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token namespace" style="color:rgb(178, 204, 214)">DependencyInjection</span><span class="token punctuation" style="color:rgb(199, 146, 234)">;</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"></span><span class="token keyword" style="font-style:italic">using</span><span class="token plain"> </span><span class="token namespace" style="color:rgb(178, 204, 214)">Microsoft</span><span class="token namespace punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token namespace" style="color:rgb(178, 204, 214)">Extensions</span><span class="token namespace punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token namespace" style="color:rgb(178, 204, 214)">Hosting</span><span class="token punctuation" style="color:rgb(199, 146, 234)">;</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain" style="display:inline-block"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"></span><span class="token keyword" style="font-style:italic">namespace</span><span class="token plain"> </span><span class="token namespace" style="color:rgb(178, 204, 214)">Furion</span><span cl
<div class="theme-admonition theme-admonition-caution admonition_xJq3 alert alert--warning"><div class="admonitionHeading_Gvgb"><span class="admonitionIcon_Rf37"><svg viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8.893 1.5c-.183-.31-.52-.5-.887-.5s-.703.19-.886.5L.138 13.499a.98.98 0 0 0 0 1.001c.193.31.53.501.886.501h13.964c.367 0 .704-.19.877-.5a1.03 1.03 0 0 0 .01-1.002L8.893 1.5zm.133 11.497H6.987v-2.003h2.039v2.003zm0-3.004H6.987V5.987h2.039v4.006z"></path></svg></span>特别注意</div><div class="admonitionContent_BuS1"><p><code>services.AddCorsAccessor();</code> 需在 <code>services.AddControllers()</code> 之前注册。</p><p><code>app.UseCorsAccessor();</code> 需在 <code>app.UseRouting();</code><code>app.UseAuthentication();</code> 之间注册。</p></div></div>
<h3 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="1642-配置允许跨域域名">16.4.2 配置允许跨域域名<a href="#1642-配置允许跨域域名" class="hash-link" aria-label="Direct link to 16.4.2 配置允许跨域域名" title="Direct link to 16.4.2 配置允许跨域域名"></a></h3>
<div class="theme-admonition theme-admonition-important admonition_xJq3 alert alert--info"><div class="admonitionHeading_Gvgb"><span class="admonitionIcon_Rf37"><svg viewBox="0 0 14 16"><path fill-rule="evenodd" d="M7 2.3c3.14 0 5.7 2.56 5.7 5.7s-2.56 5.7-5.7 5.7A5.71 5.71 0 0 1 1.3 8c0-3.14 2.56-5.7 5.7-5.7zM7 1C3.14 1 0 4.14 0 8s3.14 7 7 7 7-3.14 7-7-3.14-7-7-7zm1 3H6v5h2V4zm0 6H6v2h2v-2z"></path></svg></span>小提醒</div><div class="admonitionContent_BuS1"><p>默认情况下,<code>Furion</code> 允许所有域名来源访问,也就是无需配置任何来源域名,另外前端也需要设置请求参数:<code>withCredentials:false</code></p></div></div>
<p>如果需要指定特定域名,则添加以下配置即可:</p>
<div class="language-json codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#bfc7d5;--prism-background-color:#292d3e"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-json codeBlock_bY9V thin-scrollbar" style="color:#bfc7d5;background-color:#292d3e"><code class="codeBlockLines_e6Vv codeBlockLinesWithNumbering_o6Pm"><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">{</span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> &quot;CorsAccessorSettings&quot;: {</span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> &quot;PolicyName&quot;: &quot;自定义跨域策略名&quot;,</span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> &quot;WithOrigins&quot;: [&quot;http://localhost:4200&quot;, &quot;http://furion.baiqian.ltd&quot;]</span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> }</span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">}</span></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="165-corsaccessorsettings-配置">16.5 <code>CorsAccessorSettings</code> 配置<a href="#165-corsaccessorsettings-配置" class="hash-link" aria-label="Direct link to 165-corsaccessorsettings-配置" title="Direct link to 165-corsaccessorsettings-配置"></a></h2>
<ul>
<li><code>CorsAccessorSettings</code>
<ul>
<li><code>PolicyName</code>:跨域策略名,<code>string</code> 类型,必填,默认 <code>App.Cors.Policy</code></li>
<li><code>WithOrigins</code>:允许跨域的域名列表,<code>string[]</code> 类型,默认 <code>*</code></li>
<li><code>WithHeaders</code>:请求表头,没有配置则允许所有表头,<code>string[]</code> 类型</li>
<li><strong><code>WithExposedHeaders</code>:设置客户端可获取的响应标头,<code>string[]</code> 类型,默认 <code>[&quot;access-token&quot;, &quot;x-access-token&quot;]</code></strong>
<ul>
<li><strong>默认情况下,若后端输出特定的响应头 <code>Key</code>,那么需将该 <code>Key</code> 配置在数组中</strong></li>
</ul>
</li>
<li><code>WithMethods</code>:设置跨域允许请求谓词,没有配置则允许所有,<code>string[]</code> 类型</li>
<li><code>AllowCredentials</code>:是否允许跨域请求中的凭据,<code>bool</code> 类型,默认值 <code>true</code></li>
<li><code>SetPreflightMaxAge</code>:设置预检过期时间,<code>int</code> 类型,默认值 <code>24小时</code></li>
<li><code>FixedClientToken</code>:是否默认配置 <code>WithExposedHeaders</code><code>bool</code> 类型,默认 <code>true</code></li>
<li><code>SignalRSupport</code>:是否启用 <code>SignalR</code> 跨域支持,<code>bool</code> 类型,默认 <code>false</code></li>
</ul>
</li>
</ul>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="166-前端不能读取响应头注意事项">16.6 前端不能读取响应头注意事项<a href="#166-前端不能读取响应头注意事项" class="hash-link" aria-label="Direct link to 16.6 前端不能读取响应头注意事项" title="Direct link to 16.6 前端不能读取响应头注意事项"></a></h2>
<p>有时候,我们通过 <code>ajax</code> 或者 <code>axios</code> 第三方库无法读取响应头自定义信息,这时需要响应报文中公开特定 <code>Header</code> 才能放行,如:<code>Access-Control-Expose-Headers: xxxxx</code>,所以,需要添加以下配置:</p>
<div class="language-cs codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#bfc7d5;--prism-background-color:#292d3e"><div class="codeBlockTitle_Ktv7">appsettings.json</div><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-cs codeBlock_bY9V thin-scrollbar" style="color:#bfc7d5;background-color:#292d3e"><code class="codeBlockLines_e6Vv codeBlockLinesWithNumbering_o6Pm"><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token punctuation" style="color:rgb(199, 146, 234)">{</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> </span><span class="token string" style="color:rgb(195, 232, 141)">&quot;CorsAccessorSettings&quot;</span><span class="token punctuation" style="color:rgb(199, 146, 234)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(199, 146, 234)">{</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> </span><span class="token string" style="color:rgb(195, 232, 141)">&quot;WithExposedHeaders&quot;</span><span class="token punctuation" style="color:rgb(199, 146, 234)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(199, 146, 234)">[</span><span class="token string" style="color:rgb(195, 232, 141)">&quot;access-token&quot;</span><span class="token punctuation" style="color:rgb(199, 146, 234)">,</span><span class="token string" style="color:rgb(195, 232, 141)">&quot;x-access-token&quot;</span><span class="token punctuation" style="color:rgb(199, 146, 234)">]</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(199, 146, 234)">}</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"></span><span class="token punctuation" style="color:rgb(199, 146, 234)">}</span></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
<p>需要获取哪个头,就在 <code>WithExposedHeaders</code> 数组中配置即可。如果使用 <code>ajax</code> 可以通过 <code>xhr.getResponseHeader(key)</code><code>xhr.getAllResponseHeaders()</code> 获取配置的 <code>key</code></p>
<p>特别情况下不能请求,可以考虑设置 <code>withCredentials: false</code></p>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="167-使用-ajax-前端注意事项">16.7 使用 <code>$.ajax</code> 前端注意事项<a href="#167-使用-ajax-前端注意事项" class="hash-link" aria-label="Direct link to 167-使用-ajax-前端注意事项" title="Direct link to 167-使用-ajax-前端注意事项"></a></h2>
<p>使用 <code>Jquery</code> 前端请求可以参考以下配置:</p>
<div class="language-cs codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#bfc7d5;--prism-background-color:#292d3e"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-cs codeBlock_bY9V thin-scrollbar" style="color:#bfc7d5;background-color:#292d3e"><code class="codeBlockLines_e6Vv codeBlockLinesWithNumbering_o6Pm"><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">$</span><span class="token punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token function" style="color:rgb(130, 170, 255)">ajax</span><span class="token punctuation" style="color:rgb(199, 146, 234)">(</span><span class="token punctuation" style="color:rgb(199, 146, 234)">{</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">        url</span><span class="token punctuation" style="color:rgb(199, 146, 234)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(195, 232, 141)">&quot;https://localhost:5001/api/system/getdata&quot;</span><span class="token punctuation" style="color:rgb(199, 146, 234)">,</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">        </span><span class="token named-parameter punctuation" style="color:rgb(199, 146, 234)">type</span><span class="token punctuation" style="color:rgb(199, 146, 234)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(195, 232, 141)">&quot;GET&quot;</span><span class="token punctuation" style="color:rgb(199, 146, 234)">,</span><span class="token plain"></span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">        </span><span class="token named-parameter punctuation" style="color:rgb(199, 146, 234)">xhrFields</span><span class="token punctuation" style="color:rgb(199, 146, 234)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(199, 146, 234)">{</span><span class="token plain"></span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">            withCredentials</span><span class="token punctuation" style="color:rgb(199, 146, 234)">:</span><span class="token plain"> </span><span class="token boolean" style="color:rgb(255, 88, 116)">false</span><span class="token plain"> </span><span class="token comment" style="color:rgb(105, 112, 152);font-style:italic">// 如果是https请求可以试试 true</span><span class="token plain"></span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">        </span><span class="token punctuation" style="color:rgb(199, 146, 234)">}</span><span class="token punctuation" style="color:rgb(199, 146, 234)">,</span><span class="token plain"></span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">        </span><span class="token named-parameter punctuation" style="color:rgb(199, 146, 234)">crossDomain</span><span class="token punctuation" style="color:rgb(199, 146, 234)">:</span><span class="token plain"> </span><span class="token boolean" style="color:rgb(255, 88, 116)">true</span><span class="token p
<div class="theme-admonition theme-admonition-important admonition_xJq3 alert alert--info"><div class="admonitionHeading_Gvgb"><span class="admonitionIcon_Rf37"><svg viewBox="0 0 14 16"><path fill-rule="evenodd" d="M7 2.3c3.14 0 5.7 2.56 5.7 5.7s-2.56 5.7-5.7 5.7A5.71 5.71 0 0 1 1.3 8c0-3.14 2.56-5.7 5.7-5.7zM7 1C3.14 1 0 4.14 0 8s3.14 7 7 7 7-3.14 7-7-3.14-7-7-7zm1 3H6v5h2V4zm0 6H6v2h2v-2z"></path></svg></span>特别注意</div><div class="admonitionContent_BuS1"><p>在本地开发阶段,请求如果出现 <code> Access to XMLHttpRequest...has been blocked by CORS policy: No &#x27;Access-Control-Allow-Origin&#x27; header...</code> 错误,请确保 <code>ajax</code><code>url</code> 参数是正确的,通常<strong>错误的做法</strong>是:</p><ul>
<li>使用了 <code>127.0.0.1</code> 而不是 <code>localhost</code> 主机地址</li>
<li>使用 <code>http</code> 而不是 <code>https</code> 主机协议</li>
<li>使用了 <code>5000</code> 而不是 <code>5001</code> 主机端口</li>
</ul></div></div>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="168-禁用跨域">16.8 禁用跨域<a href="#168-禁用跨域" class="hash-link" aria-label="Direct link to 16.8 禁用跨域" title="Direct link to 16.8 禁用跨域"></a></h2>
<p>有时候,我们希望某个方法不检查跨域请求,可以在 <code>Action</code> 中贴 <code>[DisableCors]</code> 特性即可。</p>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="169-signalr-跨域问题">16.9 <code>SignalR</code> 跨域问题<a href="#169-signalr-跨域问题" class="hash-link" aria-label="Direct link to 169-signalr-跨域问题" title="Direct link to 169-signalr-跨域问题"></a></h2>
<p><code>SignalR</code> 实现跨域需要满足下面几个条件:</p>
<ul>
<li>允许特定的预期来源,允许任何来源是可行的,但不安全或不推荐使用</li>
<li>必须允许使用 HTTP 方法 <code>GET</code><code>POST</code></li>
<li>为了使基于 <code>cookie</code> 的粘滞会话正常工作,必须允许使用凭据,即使未使用身份验证,也必须启用它们。</li>
</ul>
<p>官方文档说明 <a href="https://docs.microsoft.com/zh-cn/aspnet/core/signalr/security?view=aspnetcore-6.0" target="_blank" rel="noopener noreferrer">https://docs.microsoft.com/zh-cn/aspnet/core/signalr/security?view=aspnetcore-6.0</a></p>
<p><strong><code>Furion 4.1.4+</code> 版本已修正 <code>SignalR</code> 跨域问题,只需要启用 <code>SignalRSupport</code> 配置即可</strong>,如:</p>
<div class="language-json codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#bfc7d5;--prism-background-color:#292d3e"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-json codeBlock_bY9V thin-scrollbar" style="color:#bfc7d5;background-color:#292d3e"><code class="codeBlockLines_e6Vv codeBlockLinesWithNumbering_o6Pm"><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">{</span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> &quot;CorsAccessorSettings&quot;: {</span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> &quot;SignalRSupport&quot;: true</span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> }</span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">}</span></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="1610-静态资源跨域问题">16.10 静态资源跨域问题<a href="#1610-静态资源跨域问题" class="hash-link" aria-label="Direct link to 16.10 静态资源跨域问题" title="Direct link to 16.10 静态资源跨域问题"></a></h2>
<p>有时候我们可能通过前端 <code>XMLHttpRequest/Ajax/Fetch</code> 方式加载静态资源,这时可能出现跨域问题,可以通过以下配置解决:</p>
<div class="language-cs codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#bfc7d5;--prism-background-color:#292d3e"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-cs codeBlock_bY9V thin-scrollbar" style="color:#bfc7d5;background-color:#292d3e"><code class="codeBlockLines_e6Vv codeBlockLinesWithNumbering_o6Pm"><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain">app</span><span class="token punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token function" style="color:rgb(130, 170, 255)">UseStaticFiles</span><span class="token punctuation" style="color:rgb(199, 146, 234)">(</span><span class="token keyword" style="font-style:italic">new</span><span class="token plain"> </span><span class="token constructor-invocation class-name" style="color:rgb(255, 203, 107)">StaticFileOptions</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"></span><span class="token punctuation" style="color:rgb(199, 146, 234)">{</span><span class="token plain"></span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> OnPrepareResponse </span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(199, 146, 234)">(</span><span class="token plain">stf</span><span class="token punctuation" style="color:rgb(199, 146, 234)">)</span><span class="token plain"> </span><span class="token operator" style="color:rgb(137, 221, 255)">=&gt;</span><span class="token plain"></span></span><br></span><span class="token-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(199, 146, 234)">{</span><span class="token plain"></span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> stf</span><span class="token punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token plain">Context</span><span class="token punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token plain">Response</span><span class="token punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token plain">Headers</span><span class="token punctuation" style="color:rgb(199, 146, 234)">[</span><span class="token string" style="color:rgb(195, 232, 141)">&quot;Access-Control-Allow-Origin&quot;</span><span class="token punctuation" style="color:rgb(199, 146, 234)">]</span><span class="token plain"> </span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token plain"> </span><span class="token string" style="color:rgb(195, 232, 141)">&quot;*&quot;</span><span class="token punctuation" style="color:rgb(199, 146, 234)">;</span><span class="token plain"></span></span><br></span><span class="token-line theme-code-block-highlighted-line codeLine_lJS_" style="color:#bfc7d5"><span class="codeLineNumber_Tfdd"></span><span class="codeLineContent_feaV"><span class="token plain"> stf</span><span class="token punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token plain">Context</span><span class="token punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token plain">Response</span><span class="token punctuation" style="color:rgb(199, 146, 234)">.</span><span class="token plain">Headers</span><span class="token punctuation" style="color:rgb(199, 146, 234)">[</span><s
<div class="theme-admonition theme-admonition-tip admonition_xJq3 alert alert--success"><div class="admonitionHeading_Gvgb"><span class="admonitionIcon_Rf37"><svg viewBox="0 0 12 16"><path fill-rule="evenodd" d="M6.5 0C3.48 0 1 2.19 1 5c0 .92.55 2.25 1 3 1.34 2.25 1.78 2.78 2 4v1h5v-1c.22-1.22.66-1.75 2-4 .45-.75 1-2.08 1-3 0-2.81-2.48-5-5.5-5zm3.64 7.48c-.25.44-.47.8-.67 1.11-.86 1.41-1.25 2.06-1.45 3.23-.02.05-.02.11-.02.17H5c0-.06 0-.13-.02-.17-.2-1.17-.59-1.83-1.45-3.23-.2-.31-.42-.67-.67-1.11C2.44 6.78 2 5.65 2 5c0-2.2 2.02-4 4.5-4 1.22 0 2.36.42 3.22 1.19C10.55 2.94 11 3.94 11 5c0 .66-.44 1.78-.86 2.48zM4 14h5c-.23 1.14-1.3 2-2.5 2s-2.27-.86-2.5-2z"></path></svg></span>小知识</div><div class="admonitionContent_BuS1"><p>如果已经注册了 <code>app.UseStaticFiles()</code>,则只需要传递 <code>new StaticFileOptions{ ... }</code> 参数即可,避免多次注册 <code>app.UseStaticFiles()</code></p></div></div>
<h2 class="anchor anchorWithHideOnScrollNavbar_WYt5" id="1611-反馈与建议">16.11 反馈与建议<a href="#1611-反馈与建议" class="hash-link" aria-label="Direct link to 16.11 反馈与建议" title="Direct link to 16.11 反馈与建议"></a></h2>
<div class="theme-admonition theme-admonition-note admonition_xJq3 alert alert--secondary"><div class="admonitionHeading_Gvgb"><span class="admonitionIcon_Rf37"><svg viewBox="0 0 14 16"><path fill-rule="evenodd" d="M6.3 5.69a.942.942 0 0 1-.28-.7c0-.28.09-.52.28-.7.19-.18.42-.28.7-.28.28 0 .52.09.7.28.18.19.28.42.28.7 0 .28-.09.52-.28.7a1 1 0 0 1-.7.3c-.28 0-.52-.11-.7-.3zM8 7.99c-.02-.25-.11-.48-.31-.69-.2-.19-.42-.3-.69-.31H6c-.27.02-.48.13-.69.31-.2.2-.3.44-.31.69h1v3c.02.27.11.5.31.69.2.2.42.31.69.31h1c.27 0 .48-.11.69-.31.2-.19.3-.42.31-.69H8V7.98v.01zM7 2.3c-3.14 0-5.7 2.54-5.7 5.68 0 3.14 2.56 5.7 5.7 5.7s5.7-2.55 5.7-5.7c0-3.15-2.56-5.69-5.7-5.69v.01zM7 .98c3.86 0 7 3.14 7 7s-3.14 7-7 7-7-3.12-7-7 3.14-7 7-7z"></path></svg></span>与我们交流</div><div class="admonitionContent_BuS1"><p>给 Furion 提 <a href="https://gitee.com/dotnetchina/Furion/issues/new?issue" target="_blank" rel="noopener noreferrer">Issue</a></p></div></div>
<hr>
<div class="theme-admonition theme-admonition-note admonition_xJq3 alert alert--secondary"><div class="admonitionHeading_Gvgb"><span class="admonitionIcon_Rf37"><svg viewBox="0 0 14 16"><path fill-rule="evenodd" d="M6.3 5.69a.942.942 0 0 1-.28-.7c0-.28.09-.52.28-.7.19-.18.42-.28.7-.28.28 0 .52.09.7.28.18.19.28.42.28.7 0 .28-.09.52-.28.7a1 1 0 0 1-.7.3c-.28 0-.52-.11-.7-.3zM8 7.99c-.02-.25-.11-.48-.31-.69-.2-.19-.42-.3-.69-.31H6c-.27.02-.48.13-.69.31-.2.2-.3.44-.31.69h1v3c.02.27.11.5.31.69.2.2.42.31.69.31h1c.27 0 .48-.11.69-.31.2-.19.3-.42.31-.69H8V7.98v.01zM7 2.3c-3.14 0-5.7 2.54-5.7 5.68 0 3.14 2.56 5.7 5.7 5.7s5.7-2.55 5.7-5.7c0-3.15-2.56-5.69-5.7-5.69v.01zM7 .98c3.86 0 7 3.14 7 7s-3.14 7-7 7-7-3.12-7-7 3.14-7 7-7z"></path></svg></span>了解更多</div><div class="admonitionContent_BuS1"><p>想了解更多 <code>跨域请求</code> 知识可查阅 <a href="https://docs.microsoft.com/zh-cn/aspnet/core/security/cors?view=aspnetcore-5.0" target="_blank" rel="noopener noreferrer">ASP.NET Core - 启用跨域请求</a> 章节。</p></div></div></div><footer class="theme-doc-footer docusaurus-mt-lg"><a href="http://github.crmeb.net/u/furion" target="_blank" style="display:block;margin-bottom:20px;text-decoration:none;position:relative;border-radius:5px;overflow:hidden;color:#25c2a0" title="CRMEB 专注开源电商系统研发"><img src="/img/crmeb-spec.jpg" style="display:block;pointer-events:none;max-width:100%"><span style="position:absolute;display:block;right:0;bottom:0;z-index:5;font-size:12px;background-color:rgba(0,0,0,0.8);padding:0 5px">特别赞助</span></a><div class="theme-doc-footer-edit-meta-row row"><div class="col"><a class="ass_kwc6" style="margin:0;margin-bottom:10px;height:80px;z-index:999" href="/docs/subscribe"><div class="title_MSGy">开通 VIP 服务尊享一对一技术指导</div><div class="progress_esN_"><div class="number_F0eG">344</div><div class="percent_Dln9"><div class="current_QYTp" style="width:34.4%"></div></div><div class="number_F0eG">1000</div></div></a><a href="https://gitee.com/dotnetchina/Furion/tree/v4/handbook/docs/cors.mdx" target="_blank" rel="noopener noreferrer" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_VsjB"><div class="donate_FEDP" style="margin:0;margin-bottom:10px;border:2px solid #ffb02e;margin-top:-4px" title="您的支持是我们坚持完善下去的动力!"><div style="position:relative;margin-right:9px"><img src="/img/donateme.png" style="height:100%;max-height:100%;display:block;min-width:70px" alt="赞助 Furion"><span style="position:absolute;top:25px;left:0;right:0;font-size:12px;z-index:1;text-align:center;color:white;font-weight:bold;background-color:rgba(0, 0, 0, 0.4)">查看大图</span></div><div style="display:flex;flex:1;flex-direction:column;justify-content:space-between;padding:5px 0 5px 0"><h3 style="font-weight:500;font-size:17px;margin:4px 0 0 0;text-align:left;background:linear-gradient(to right, red, blue);background-clip:text;-webkit-background-clip:text;color:transparent;white-space:nowrap;cursor:pointer">谢谢您对 Furion 的认可!</h3><div style="display:flex;justify-content:space-between;white-space:nowrap;margin-top:10px"><span style="font-size:12px;color:#ccc">微信ibaiqian</span><a href="https://gitee.com/dotnetchina/Furion" style="margin-right:6px" target="_blank"><img src="https://gitee.com/dotnetchina/Furion/badge/star.svg?theme=white" alt="star"></a></div></div></div><span class="theme-last-updated">Last updated<!-- --> on <b><time datetime="2023-11-06T06:26:45.000Z">Nov 6, 2023</time></b> by <b>百小僧</b></span></div></div><a style="display:flex;width:100%;box-sizing:border-box;align-items:center;justify-content:space-between;padding-left:5px" title="⭐️ VIP 499 / 365 <EFBFBD>
</body>
</html>