Enabling CORS on a WCF Service RRS feed

  • Question

  •     Hi guys.

        I am really at my wits end, and I am going crazy because I am not getting much help ( by searching google etc. )

        The situation:

    I simply do not know how to enable CORS properly in my WCF Service, so that I can communicate through JQuery or AJAX. I have tried everything and I keep hitting a brick wall.....

         My global.asax file looks like This - in a miserable attempt to enable CORS:
        Imports System.Web.SessionState
        Public Class Global_asax
            Inherits System.Web.HttpApplication
            ''' <summary>
            ''' Enables cross domain POST, MERGE, DELETE for Firefox and Chrome
            ''' This requires:
            ''' <system.ServiceModel>
            '''     <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
            ''' </summary>
            Shared Sub EnableCrossDomain()
                Dim origin As String = HttpContext.Current.Request.Headers("Origin")
                If String.IsNullOrEmpty(origin) Then
                End If
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", origin)
                Dim method As String = HttpContext.Current.Request.Headers("Access-Control-Request-Method")
                If (Not String.IsNullOrEmpty(method)) Then
                    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", method)
                End If
                Dim headers As String = HttpContext.Current.Request.Headers("Access-Control-Request-Headers")
                If (Not String.IsNullOrEmpty(headers)) Then
                    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", headers)
                End If
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true")
                If HttpContext.Current.Request.HttpMethod = "OPTIONS" Then
                    HttpContext.Current.Response.StatusCode = 204
                End If
            End Sub
            Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
                ' Fires when the application is started
            End Sub
            Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
                ' Fires when the session is started
            End Sub
            Sub Application_BeginRequest(ByVal sender As Object, ByVal e As EventArgs)
                'HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*")
                'If HttpContext.Current.Request.HttpMethod = "OPTIONS" Then
                '    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "POST, PUT, DELETE")
                '    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept")
                '    HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000")
                '    HttpContext.Current.Response.End()
                'End If
                '' Fires at the beginning of each request
            End Sub
            Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs)
                ' Fires upon attempting to authenticate the use
            End Sub
            Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs)
                ' Fires when an error occurs
            End Sub
            Sub Session_End(ByVal sender As Object, ByVal e As EventArgs)
                ' Fires when the session ends
            End Sub
            Sub Application_End(ByVal sender As Object, ByVal e As EventArgs)
                ' Fires when the application ends
            End Sub
        End Class

        My Web.Config file looks like This :

        <?xml version="1.0"?>
              <compilation debug="true" targetFramework="4.0" />
                <service name="UmbrellaMobileService"
                  <binding name="webHttpBindingWithJsonP" crossDomainScriptAccessEnabled="true" />
                <!--SERVICE BEHAVIORS-->
                    <behavior name="MyServiceBehavior">
                        <serviceMetadata httpGetEnabled="true"/>
                        <serviceDebug includeExceptionDetailInFaults="true"/>
                <!--ENDPOINT BEHAVIORS-->
                    <behavior name="webEndPointBehavior">
                        <webHttp defaultOutgoingResponseFormat="Json" defaultBodyStyle="Bare"/>
            <serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true"/>
            <modules runAllManagedModulesForAllRequests="true"/>
                <add name="Access-Control-Allow-Origin" value="*"/>

        I need to read the data from my Service in JSON format and display it on my mobile app - but it doesn't matter what I do, it just doesn't happen.

    I do not know what else to do and how to do it to enable CORS, so that I can communicate properly

    Can anyone help?
    Friday, September 18, 2015 12:29 PM


  • Hi HanneSThEGreaT,

    I saw your code and config file, it looked was right. But, in my opinion,

    we should make sure your service is worked fine. We can use fiddler to debug it.

    Debug WCF REST Service.

    If it worked fine. That means the client issue, as far as I know, when we call a wcf service form moble

    phone, we need to setHeader, like below:

    request.setHeader("Accept", "application/json");
    request.setHeader("Content-type", "application/json");

    Next, may be you can try add this section in your web.config file. Like this

          <standardEndpoint crossDomainScriptAccessEnabled="true"></standardEndpoint>

    This node should be add as a child node of servicemodel.

    For more information, please refer to the following articles:

    1.Consuming WCF REST Services Using jQuery AJAX Calls

    2.Implementing CORS support in WCF

    3.Enabling CORS in WCF

    Best Regards,


    Monday, September 21, 2015 6:35 AM