Bug #1: Preflight request to OData endpoint failed because ambiguous action methods.
Repro
On server, set up a simple CORS supported OData endpoint providing functionality of creating entity. For example:
[EnableCors]
public class ProductsController : EntitySetController<Product, int>
{
// ......
protected override Product CreateEntity(Product entity)
{
if (entity == null)
{
throw new ArgumentNullException("entity");
}
entity.ID = MAX_ID++;
products.Add(entity);
return entity;
}
// ......
}
Adding following line to global.asax.cs or WebApiConfig, make NO default policy is created.
config.EnableCors();
On client, using following JavaScript code snippets to send POST request:
var data = {
ID: 6,
Name: "Sample",
Category: "Unknown"
};
var xhr = new XMLHttpRequest();
xhr.open('post', getTestUrl("odata/Products"));
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.onload = function () {
equal(201, xhr.status, "status code == 201");
start();
};
xhr.onerror = function () {
ok(false, "this is supposed to be onload");
start();
};
xhr.send(JSON.stringify(data));
The preflight request will fail with a 500 because of exception:
{"Multiple actions were found that match the request:
System.Net.Http.HttpResponseMessage Post(CorsTestHost.DataModels.Product) on type System.Web.Http.OData.EntitySetController`2[[CorsTestHost.DataModels.Product, CorsTestHost, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null],[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]
System.Net.Http.HttpResponseMessage HandleUnmappedRequest(System.Web.Http.OData.Routing.ODataPath) on type System.Web.Http.OData.EntitySetController`2[[CorsTestHost.DataModels.Product, CorsTestHost, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null],[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]"}
at System.Web.Http.Controllers.ApiControllerActionSelector.ActionSelectorCacheItem.SelectAction(HttpControllerContext controllerContext) in c:\Git\aspnetwebstack\src\System.Web.Http\Controllers\ApiControllerActionSelector.cs:line 207
As the default policy is not set the try catch at line 47 in AttributeBasePolicyProviderFactory can’t fall back to default policy provider. In terms of why there is ambiguous action it must deal with OData controller.
Repro
On server, set up a simple CORS supported OData endpoint providing functionality of creating entity. For example:
[EnableCors]
public class ProductsController : EntitySetController<Product, int>
{
// ......
protected override Product CreateEntity(Product entity)
{
if (entity == null)
{
throw new ArgumentNullException("entity");
}
entity.ID = MAX_ID++;
products.Add(entity);
return entity;
}
// ......
}
Adding following line to global.asax.cs or WebApiConfig, make NO default policy is created.
config.EnableCors();
On client, using following JavaScript code snippets to send POST request:
var data = {
ID: 6,
Name: "Sample",
Category: "Unknown"
};
var xhr = new XMLHttpRequest();
xhr.open('post', getTestUrl("odata/Products"));
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.onload = function () {
equal(201, xhr.status, "status code == 201");
start();
};
xhr.onerror = function () {
ok(false, "this is supposed to be onload");
start();
};
xhr.send(JSON.stringify(data));
The preflight request will fail with a 500 because of exception:
{"Multiple actions were found that match the request:
System.Net.Http.HttpResponseMessage Post(CorsTestHost.DataModels.Product) on type System.Web.Http.OData.EntitySetController`2[[CorsTestHost.DataModels.Product, CorsTestHost, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null],[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]
System.Net.Http.HttpResponseMessage HandleUnmappedRequest(System.Web.Http.OData.Routing.ODataPath) on type System.Web.Http.OData.EntitySetController`2[[CorsTestHost.DataModels.Product, CorsTestHost, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null],[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]"}
at System.Web.Http.Controllers.ApiControllerActionSelector.ActionSelectorCacheItem.SelectAction(HttpControllerContext controllerContext) in c:\Git\aspnetwebstack\src\System.Web.Http\Controllers\ApiControllerActionSelector.cs:line 207
As the default policy is not set the try catch at line 47 in AttributeBasePolicyProviderFactory can’t fall back to default policy provider. In terms of why there is ambiguous action it must deal with OData controller.