locked
Enabling CORS RRS feed

  • Question

  • User-1129879462 posted

    How to enable to CORS on server side(ASP.Net WebAPI) and client side (ajax call)?

    Though it has been done this way it seems it is not working:

    Any help would be appreciated.

    public static class WebApiConfig
    {
      public static void Register(HttpConfiguration config)
      {
        // Other configuration omitted
        config.EnableCors(new EnableCorsAttribute("domainname.com", "*", "*"));
      }
    }
    Wednesday, September 21, 2016 2:36 AM

Answers

  • User-1129879462 posted

    This has fixed : https://forums.asp.net/t/2032931.aspx?How+to+enable+CORS+in+Odata+NET+service+

    protected void Application_BeginRequest(object sender, EventArgs e)
            {
                if (Context.Request.Path.Contains("odata/") && Context.Request.HttpMethod == "OPTIONS")
                {
                    Context.Response.AddHeader("Access-Control-Allow-Origin", Context.Request.Headers["Origin"]);
                    Context.Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
                    Context.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST PUT, DELETE, OPTIONS");
                    Context.Response.AddHeader("Access-Control-Allow-Credentials", "true");
                    Context.Response.End();
                }
            }
    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, September 30, 2016 8:36 PM

All replies

  • User36583972 posted

    Hi krisrajz,

    config.EnableCors(new EnableCorsAttribute("domainname.com", "*", "*"));

    The above code will enable CORS for all Web API controllers in your application.

    You can refer the following detailed tutorial.

    Enabling Cross-Origin Requests in ASP.NET Web API 2:

    http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api

    Please make a test on your side (you can try methods which provided in the tutorial), Then, if you have any error in your code, you could also share us more relevant message to help us reproduce the problem.

    Best Regards,

    Yohann Lu

    Wednesday, September 21, 2016 2:59 AM
  • User1779161005 posted

    An origin is a combination of scheme, host, and port. "domainname.com" is not an origin. "https://domainname.com" is an origin.

    Wednesday, September 21, 2016 3:07 AM
  • User-1129879462 posted

    Have tried both with scheme and without scheme "http"

    Wednesday, September 21, 2016 9:24 PM
  • User-1129879462 posted

    This has fixed : https://forums.asp.net/t/2032931.aspx?How+to+enable+CORS+in+Odata+NET+service+

    protected void Application_BeginRequest(object sender, EventArgs e)
            {
                if (Context.Request.Path.Contains("odata/") && Context.Request.HttpMethod == "OPTIONS")
                {
                    Context.Response.AddHeader("Access-Control-Allow-Origin", Context.Request.Headers["Origin"]);
                    Context.Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
                    Context.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST PUT, DELETE, OPTIONS");
                    Context.Response.AddHeader("Access-Control-Allow-Credentials", "true");
                    Context.Response.End();
                }
            }
    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, September 30, 2016 8:36 PM