Add service and create Policy with options To do this start with registering CORS functionality in ConfigureServices() of Startup.cs: public void ConfigureServices(IServiceCollection services) It allows the policy to be reused and be applied selectivelyīelow I use the explicit policy approach.It allows me to add CORS and declare the policy in one place.There are a number of different ways to do this but by far the best approach IMHO is to create a CORS policy and then apply that policy either globally to all requests or specific controllers. To set up CORS is at least a 3 step process: In this case the source domain is Angular's dev server (localhost:3000) and the target server is my ASP.NET API service (localhost:5000 (raw Kestrel) or localhost/albumviewer (IIS/IIS Express)). When browsers make cross domain calls using XHR, they request CORS headers to decide whether the target server allows access to the source domain. It's good to be king, huh? (especially a king with no clothes since the protocol does next to nothing to prevent malicious attacks but that's a story for another post) I allow cross domain calls from the domains I specify CORS Setup in ASP.NET CoreĬORS is a server based mechanism that essentially lets a server say: Alas those calls failed and upon closer inspection it was due to the fact that the CORS headers weren't getting sent. Angular 2.0's default working environment runs a development server off a seperate port which is effectively a seperate domain and all calls back to the main ASP.NET site for the API calls effectively are cross domain calls. Last night I was working on updating my ASP.NET Core AlbumViewer sample application to Angular 2.0 and in the process ran into CORS problems.
0 kommentar(er)
