jquery.min.js:2 Access to XMLHttpRequest at ' ' from origin ' ' has been blocked by CORS policy: Response to preflight req

Question

User-1229905213 posted

Unable to connect to Web API, getting following error.

jquery.min.js:2 Access to XMLHttpRequest at 'http://202.62.64.48/website/api/teksendmail?tsWed%20Apr%2003%202019%2015:02:01%20GMT+0530%20(India%20Standard%20Time)' from origin 'http://kamtek.co.in' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Already updated Web.config on server..

<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Origin, Content-Type, Accept Authorization" />
</customHeaders>
</httpProtocol>

Answer 1

User475983607 posted

Please see the Web API docs to enable CORS as your solution does not look correct.  Assuming this is Web API 2.

https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/enabling-cross-origin-requests-in-web-api

Answer 2

User-1229905213 posted

According to the example, already added Microsoft.AspNet.WebApi.Cors, but still finding the error

Added : below line before the ApiController
[EnableCors("*", "*", "*")]
public class LoginController : ApiController

Answer 3

User475983607 posted

According to the example, already added Microsoft.AspNet.WebApi.Cors, but still finding the error

Added : below line before the ApiController
[EnableCors("*", "*", "*")]
public class LoginController : ApiController

You are doing something incorrectly but have not provided enough information to to provide an accurate solution. 

Did you enable CORS in the startup?

Answer 4

User-1229905213 posted

Yes enabled, please see the code below:

under webapiconfig added below line

config.EnableCors();

and under controller

[EnableCors("*", "*", "*")]

Answer 5

User475983607 posted

bbukkebag

Yes enabled, please see the code below:

under webapiconfig added below line

config.EnableCors();

and under controller

[EnableCors("*", "*", "*")]

I cannot reproduce this issue.  The API is probably throwing an exception and returning and error page which is not CORS enabled.  Try debugging your code.  You can also use the browser's dev tools (F12) to view the response.

Answer 6

User-1229905213 posted

I code is working locally on laptop, even able to call through ajax, only failing after deploying on server

Answer 7

User475983607 posted

I code is working locally on laptop, even able to call through ajax, only failing after deploying on server

It is very common for code to stop working when deployed to a new environment.  Usually due to missing or incorrect configuration.

Verify the deployed code is not throwing an exception.  Use a tool like PostMan to make a request.

https://www.getpostman.com/downloads/

Answer 8

User-1229905213 posted

It is working fine using the postman.

Answer 9

User475983607 posted

It is working fine using the postman.

I'm out of suggestions.  There is something wrong with the code or configuration.   I cannot see the code or reproduces the issue so you'll need to troubleshoot a bit more.

Answer 10

User-474980206 posted

what's in the browsers network trace?

Answer 11

User-1229905213 posted

Please see the browser trace

{
"startedDateTime": "2019-04-04T16:53:50.095Z",
"time": 1730.4569999687374,
"request": {
"method": "OPTIONS",
"url": "http://202.62.64.48/website/api/teksendmail?tsThu%20Apr%2004%202019%2022:23:50%20GMT+0530%20(India%20Standard%20Time)",
"httpVersion": "http/1.1",
"headers": [
{
"name": "Access-Control-Request-Method",
"value": "POST"
},
{
"name": "Origin",
"value": "null"
},
{
"name": "Sec-Fetch-User",
"value": "?F"
},
{
"name": "Sec-Fetch-Site",
"value": "cross-site"
},
{
"name": "Sec-Fetch-Dest",
"value": "empty"
},
{
"name": "User-Agent",
"value": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36"
},
{
"name": "Access-Control-Request-Headers",
"value": "content-type"
}
],
"queryString": [
{
"name": "tsThu%20Apr%2004%202019%2022:23:50%20GMT+0530%20(India%20Standard%20Time)",
"value": ""
}
],
"cookies": [],
"headersSize": -1,
"bodySize": 0
},
"response": {
"status": 500,
"statusText": "Internal Server Error",
"httpVersion": "http/1.1",
"headers": [],
"cookies": [],
"content": {
"size": 0,
"mimeType": "text/html"
},
"redirectURL": "",
"headersSize": -1,
"bodySize": -1,
"_transferSize": 0
},
"cache": {},
"timings": {
"blocked": 1.474999999102205,
"dns": -1,
"ssl": -1,
"connect": -1,
"send": 0.15100000000000002,
"wait": 1727.2540000105648,
"receive": 1.5769999590702355,
"_blocked_queueing": 0.985999999102205
},
"serverIPAddress": "202.62.64.48",
"_initiator": {
"type": "script",
"stack": {
"callFrames": [
{
"functionName": "send",
"scriptId": "61",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/js/jquery/dist/jquery.min.js",
"lineNumber": 1,
"columnNumber": 80265
},
{
"functionName": "ajax",
"scriptId": "61",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/js/jquery/dist/jquery.min.js",
"lineNumber": 1,
"columnNumber": 77117
},
{
"functionName": "",
"scriptId": "63",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/index.html",
"lineNumber": 384,
"columnNumber": 10
},
{
"functionName": "dispatch",
"scriptId": "61",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/js/jquery/dist/jquery.min.js",
"lineNumber": 1,
"columnNumber": 41771
},
{
"functionName": "y.handle",
"scriptId": "61",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/js/jquery/dist/jquery.min.js",
"lineNumber": 1,
"columnNumber": 39790
}
]
}
},
"_priority": "High",
"_resourceType": "xhr",
"connection": "190646",
"pageref": "page_7"
},
{
"startedDateTime": "2019-04-04T16:54:07.845Z",
"time": 43.41799998655915,
"request": {
"method": "OPTIONS",
"url": "http://202.62.64.48/website/api/teksendmail?tsThu%20Apr%2004%202019%2022:24:07%20GMT+0530%20(India%20Standard%20Time)",
"httpVersion": "http/1.1",
"headers": [
{
"name": "Access-Control-Request-Method",
"value": "POST"
},
{
"name": "Origin",
"value": "null"
},
{
"name": "Sec-Fetch-User",
"value": "?F"
},
{
"name": "Sec-Fetch-Site",
"value": "cross-site"
},
{
"name": "Sec-Fetch-Dest",
"value": "empty"
},
{
"name": "User-Agent",
"value": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36"
},
{
"name": "Access-Control-Request-Headers",
"value": "content-type"
}
],
"queryString": [
{
"name": "tsThu%20Apr%2004%202019%2022:24:07%20GMT+0530%20(India%20Standard%20Time)",
"value": ""
}
],
"cookies": [],
"headersSize": -1,
"bodySize": 0
},
"response": {
"status": 500,
"statusText": "Internal Server Error",
"httpVersion": "http/1.1",
"headers": [],
"cookies": [],
"content": {
"size": 0,
"mimeType": "text/html"
},
"redirectURL": "",
"headersSize": -1,
"bodySize": -1,
"_transferSize": 0
},
"cache": {},
"timings": {
"blocked": 1.4300000165291131,
"dns": -1,
"ssl": -1,
"connect": -1,
"send": 0.15399999999999997,
"wait": 41.268999975208196,
"receive": 0.5649999948218465,
"_blocked_queueing": 0.973000016529113
},
"serverIPAddress": "202.62.64.48",
"_initiator": {
"type": "script",
"stack": {
"callFrames": [
{
"functionName": "send",
"scriptId": "61",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/js/jquery/dist/jquery.min.js",
"lineNumber": 1,
"columnNumber": 80265
},
{
"functionName": "ajax",
"scriptId": "61",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/js/jquery/dist/jquery.min.js",
"lineNumber": 1,
"columnNumber": 77117
},
{
"functionName": "",
"scriptId": "63",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/index.html",
"lineNumber": 384,
"columnNumber": 10
},
{
"functionName": "dispatch",
"scriptId": "61",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/js/jquery/dist/jquery.min.js",
"lineNumber": 1,
"columnNumber": 41771
},
{
"functionName": "y.handle",
"scriptId": "61",
"url": "file:///F:/Application%20Dev/HMISProject/PhotoShop/KamTek/WebApplication/WebSite/js/jquery/dist/jquery.min.js",
"lineNumber": 1,
"columnNumber": 39790
}
]
}
},
"_priority": "High",
"_resourceType": "xhr",
"connection": "190646",
"pageref": "page_7"
},

Answer 12

User-1229905213 posted

I can see the Get is working fine, able to access from cross domain, only failing for Post.

Anybody has solution, please guide..

Answer 13

User36583972 posted

Hi bbukkebag,

From your description, you have a 500 Internal Server Error. The 500 Internal Server Error is a server-side error, meaning the problem probably isn't with your computer or internet connection but instead with the website's server.

You can try to enable Failed Request Tracing in IIS.

Troubleshooting Failed Requests Using Tracing in IIS 8.5
https://docs.microsoft.com/en-us/iis/troubleshoot/using-failed-request-tracing/troubleshooting-failed-requests-using-tracing-in-iis-85

Best Regards

Yong Lu

Answer 14

User475983607 posted

I can see the Get is working fine, able to access from cross domain, only failing for Post.

Anybody has solution, please guide..

As stated above, your server code is throwing an exception which is not handled by the server side code.  Try adding better exception handlers or review the response in Dev tools.  USually, the HTML error has information on the exception.