Updated source code and changed the documentation to reflect changes …

…in api.
xing-zheng · Nov 8, 2015 · 17dcf70 · 17dcf70
1 parent edb4bdb
commit 17dcf70
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 17 deletions.
diff --git a/mvc/security/cors-policy.rst b/mvc/security/cors-policy.rst
@@ -3,7 +3,7 @@
 Specifying a CORS Policy
 ========================
 
-By `Mike Wasson`_ 
+By `Mike Wasson`_
 
 Browser security prevents a web page from making AJAX requests to another domain. This restriction is called the *same-origin policy*, and prevents a malicious site from reading sensitive data from another site. However, sometimes you might want to let other sites make cross-origin requests to your web app.
 
@@ -17,25 +17,25 @@ In your project.json file, add the following:
 
 .. literalinclude:: cors-policy/sample/project.json
     :language: json
-    :lines: 5,9-10
+    :lines: 5,11,12
     :emphasize-lines: 2
 
 
 Configure CORS
 --------------
 
-To configure CORS, call ``ConfigureCors`` in the ``ConfigureServices`` method of your ``Startup`` class, as shown here:
+To configure CORS, call ``AddCors`` in the ``ConfigureServices`` method of your ``Startup`` class, as shown here:
 
 .. literalinclude:: cors-policy/sample/Startup.cs
     :language: csharp
-    :lines: 10-21,27
+    :lines: 13-24,30
     :dedent: 8
 
-This example defines a CORS policy named "AllowSpecificOrigin" that allows cross-origin requests from "http://example.com" and no other origins. The lambda takes a ``CorsPolicyBuilder`` object. To learn more about the various CORS policy settings, see :ref:`aspnet:cors-policy-options`. 
+This example defines a CORS policy named "AllowSpecificOrigin" that allows cross-origin requests from "http://example.com" and no other origins. The lambda takes a ``CorsPolicyBuilder`` object. To learn more about the various CORS policy settings, see :ref:`aspnet:cors-policy-options`.
 
 Apply CORS Policies
 -------------------
-    
+
 The next step is to apply the policies. You can apply a CORS policy per action, per controller, or globally for all controllers in your application.
 
 Per action
@@ -65,11 +65,11 @@ Add the ``CorsAuthorizationFilterFactory`` filter to the global filter collectio
 
 .. literalinclude:: cors-policy/sample/Startup.cs
     :language: csharp
-    :lines: 10-12,22-26
+    :lines: 13-15,26-30
     :dedent: 8
-    
-The precedence order is: Action, controller, global. Action-level policies take precedence over controller-level policies, and controller-level policies take precedence over global policies.          
-    
+
+The precedence order is: Action, controller, global. Action-level policies take precedence over controller-level policies, and controller-level policies take precedence over global policies.
+
 Disable CORS
 ^^^^^^^^^^^^
 

diff --git a/mvc/security/cors-policy/sample/Startup.cs b/mvc/security/cors-policy/sample/Startup.cs
@@ -1,6 +1,9 @@
 using Microsoft.AspNet.Builder;
+using Microsoft.AspNet.Hosting;
 using Microsoft.AspNet.Mvc;
+using Microsoft.AspNet.Mvc.Cors;
 using Microsoft.Framework.DependencyInjection;
+using Microsoft.Framework.Logging;
 
 namespace CorsMvc
 {
@@ -10,7 +13,7 @@ public class Startup
         public void ConfigureServices(IServiceCollection services)
         {
             services.AddMvc();
-            services.ConfigureCors(options =>
+            services.AddCors(options =>
             {
                 // Define one or more CORS policies
                 options.AddPolicy("AllowSpecificOrigin",
@@ -26,7 +29,7 @@ public void ConfigureServices(IServiceCollection services)
             });
         }
 
-        public void Configure(IApplicationBuilder app)
+        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
         {
             app.UseMvc();
         }

diff --git a/mvc/security/cors-policy/sample/project.json b/mvc/security/cors-policy/sample/project.json
@@ -3,14 +3,16 @@
   "version": "1.0.0-*",
 
   "dependencies": {
-    "Microsoft.AspNet.Server.IIS": "1.0.0-beta4",
-    "Microsoft.AspNet.Server.WebListener": "1.0.0-beta4",
-    "Microsoft.AspNet.Mvc": "6.0.0-beta4",
-    "Microsoft.AspNet.Cors": "1.0.0-beta4"
+    "Microsoft.AspNet.Server.WebListener": "1.0.0-beta8",
+    "Microsoft.AspNet.Mvc": "6.0.0-beta8",
+    "Microsoft.AspNet.Server.Kestrel": "1.0.0-beta8",
+    "Microsoft.Framework.Logging": "1.0.0-beta8",
+    "Microsoft.Framework.Logging.Console": "1.0.0-beta8",
+    "Microsoft.AspNet.Cors": "6.0.0-beta8"
   },
 
   "commands": {
-      "web": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.WebListener --server.urls http://localhost:5000"
+      "web": "Microsoft.AspNet.Server.Kestrel --server.urls http://localhost:5000"
   },
 
   "frameworks": {
@@ -25,6 +27,7 @@
     "**.user",
     "**.vspscc"
   ],
+
   "exclude": [
     "wwwroot",
     "node_modules",