public override void OnActionExecuting (Httpactioncontext actionexecutedcontext)
{
var request = HttpContext.Current.Request;
var response = HttpContext.Current.Response;
if (request). HttpMethod = = "Get")
{
Response. Headers.add (Accesscontrolalloworigin, Originheaderall);
}
Else
{
XmlDocument xd = new XmlDocument ();
String phypath = HttpContext.Current.Request.MapPath ("/allowdomain.xml");
Xd. Load (Phypath);
XmlElement XE = xd. DocumentElement;
XmlNode xn = Xe. FirstChild;
list<string> Allowdomain = new list<string> ();
foreach (XmlNode cn in xn. ChildNodes)
{
Allowdomain.add (CN. InnerText);
}
var defaultallow = string. Empty;
var Soriginarray = HttpContext.Current.Request.Headers.GetValues ("Origin");
if (Soriginarray!= null)
{
var sorigin = Soriginarray. FirstOrDefault ();
if (!string. IsNullOrEmpty (Sorigin))
{
foreach (var ad in Allowdomain)
{
var newad = AD;
if (AD. EndsWith ("/"))
{
Newad = AD. Substring (0, AD. LENGTH-2);
}
if (Sorigin. ToLower () = = Newad. ToLower ())
{
Defaultallow = Newad;
Break
}
}
}
}
Else
{
var Srefererarray = HttpContext.Current.Request.Headers.GetValues ("Referer");
if (Srefererarray!= null)
{
var sreferer = Srefererarray. FirstOrDefault ();
if (!string. IsNullOrEmpty (Sreferer))
{
var array = Sreferer. Split (new string[] {"://"}, Stringsplitoptions.removeemptyentries);
var domain = array[1]. Substring (0, array[1]. IndexOf ("/") + 1);
Domain = array[0] + "://" + domain;
foreach (var ad in Allowdomain)
{
var newad = AD;
if (AD. EndsWith ("/"))
{
Newad = AD. Substring (0, AD. LENGTH-2);
}
if (domain. ToLower () = = Newad. ToLower ())
{
Defaultallow = Newad;
Break
}
}
}
}
}
Response. Headers.add (Accesscontrolalloworigin, Defaultallow);
Response. Headers.add (Accesscontrolallowcredentials, Credentialsheaderdefault);
}
}
Allowdomain.xml format
<?xml version= "1.0" encoding= "Utf-8"?>
<root>
<allowDomain>
<domain>http://localhost</domain>
<domain>http://localhost:8088</domain>
</allowDomain>
</root>