Why is my ASP.NET Web API ActionFilterAttribute OnActionExecuting not firing?
Solution 1:
If you're working in a project contains both MVC and WebAPI assembilies, could you check what's the namespace your ActionFilterAttribute's namespace. It's fairly confusing cause there are two ActionFilterAttributes under both:
- WebAPI: System.Web.Http.Filters
- MVC: System.Web.Http.Mvc
Solution 2:
The answer above definitely helped me - to save others some time... here is explicitly the difference.
Standard MVC Controllers use:
// System.Web.Mvc
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
base.OnActionExecuting(filterContext);
}
OData HTTP Controllers use:
// System.Web.Http.Filters;
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
base.OnActionExecuted(actionExecutedContext);
}
Solution 3:
For anyone else who comes across this, ActionFilterAttribute will not fire when calling YourController.YourAction from your UnitTest.
[TestMethod]
public void RevokeSiteAdmin_SessionOver()
{
FakeDbContext db = new FakeDbContext();
YourController controller = new YourController(db);
var result = controller.YourAction();
//Some Assertions
}
In the TestMethod above, any ActionFilterAttributes on YourController.YourAction will not be called. However; if you call YourController.YourAction from a browser, your ActionFilterAttribute will be called.
This is true for at least WebApi, but I don't know if it applies to MVC.
Solution 4:
Here is the complete Implementation:
public class AllowCrossSiteJsonAttribute : System.Web.Mvc.ActionFilterAttribute
{
public override void OnActionExecuted(System.Web.Mvc.ActionExecutedContext filterContext)
{
if (filterContext.HttpContext != null && filterContext.HttpContext.Response != null && filterContext.HttpContext.Request != null && filterContext.HttpContext.Request.UrlReferrer != null)
{
var allowedCrossDomains = TypeSafeConfigurationManager.GetValueString("allowedCrossDomains", "none");
var allowedHosts = allowedCrossDomains.Split(',');
var requestHost = filterContext.HttpContext.Request.UrlReferrer.GetLeftPart(UriPartial.Authority);
if (allowedHosts.Contains(requestHost.ToLower()))
{
filterContext.HttpContext.Response.Headers.Add("Access-Control-Allow-Origin", requestHost);
}
}
base.OnActionExecuted(filterContext);
}
}
public class AllowCrossSiteJsonForWebApiAttribute : ActionFilterAttribute
{
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
if (actionExecutedContext.Response != null && actionExecutedContext.Request != null &&
actionExecutedContext.Request.Headers.Referrer != null)
{
var allowedCrossDomains = TypeSafeConfigurationManager.GetValueString("allowedCrossDomains", "none");
var allowedHosts = allowedCrossDomains.Split(',').ToList();
var requestHost = actionExecutedContext.Request.Headers.Referrer.GetLeftPart(UriPartial.Authority);
if (allowedHosts.Contains(requestHost.ToLower()))
{
actionExecutedContext.Response.Headers.Add("Access-Control-Allow-Origin", requestHost);
}
base.OnActionExecuted(actionExecutedContext);
}
}
}