locked
web api CORS RRS feed

  • Question

  • User2117511984 posted

    Hello, I wrote a web api application in visual studio. It works in the local area without any problem. I also made the cors settings, but when I put it on the hosting I rented, I get the cors error again.

    NOTE: While there is no problem with get, post methods, I get this cors error when updating put method.

    Codes:  startup.cs

     services.AddCors(options => {

                    options.AddPolicy(name: "MyAllowedSpecificOrigins",
                        builder => { builder.AllowAnyOrigin()
                                          .AllowAnyMethod()
                                          .AllowAnyHeader();
                        });
                });

    Monday, May 17, 2021 7:56 AM

All replies

  • User475983607 posted

    Most likely the HTTP PUT is throwing an exception.  The error message response from the application is not CORS enabled.  Take a few moments to debug your code with the browser's dev tools.  Dev tools shows the actual response from the server in the Network view.  Read the response to find the error.

    Monday, May 17, 2021 10:36 AM
  • User287926715 posted

    Hi JoKeR548,

    I get this cors error when updating put method.

    What is the specific error content of your CORS? You can first navigate to the website or web application in question, and then use the F12 developer tool to go to the console to view the CORS error message. You can view the document based on the specific error message.

    Best Regards,

    ChaoDeng

    Tuesday, May 18, 2021 3:08 AM
  • User2117511984 posted

    thank you for your answer ChaoDeng

    This is the cors error I got with the f12 tool ;

    Access to XMLHttpRequest at 'https://webservicehost.me/about' from origin 'https://clienthost.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

    Tuesday, May 18, 2021 8:39 AM
  • User2117511984 posted

    thank you i will try for your advice.

    Tuesday, May 18, 2021 8:57 AM
  • User287926715 posted

    Hi JoKeR548,

    JoKeR548

    No 'Access-Control-Allow-Origin' header is present on the requested resource.

    You need to enable CORS in your Web Api. You can add the following content to web.config.

    <system.webServer>
      <httpProtocol>
        <customHeaders>
          <add name="Access-Control-Allow-Origin" value="*" />
          <add name="Access-Control-Allow-Headers" value="Content-Type" />
          <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
        </customHeaders>
      </httpProtocol>
    </system.webServer>

    Please note that the Methods are all individually specified, instead of using *  . This is because there is a bug occurring when using *.

    Best Regards,

    ChaoDeng

    Wednesday, May 19, 2021 6:58 AM
  • User2117511984 posted
    Thank you for your answer. This time I encountered an error like this.

    Access to XMLHttpRequest at 'https://mywebapi.me/product/1' from origin 'https://myclient.store' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '*, 'https://myclient.store' , but only one is allowed.
    Wednesday, May 19, 2021 10:31 AM
  • User475983607 posted

    For the second time, check for an error response from the server.   Most likely your Web API action is throwing an exception.  

    Open the browser's dev tools and select the Network view.  Make the AJAX request.  Click the page that caused the CORS error.  Select the Response tab and review the HTML for errors. 

    Wednesday, May 19, 2021 10:53 AM