marll
commented
4 years ago Hi, I installed the source code of the Refresh Token with Blazor WebAssembly article. It works perfectly using Visual studio. Instead deploying these software on an iis 10 (windows 10)the server return the following error:
Access to fetch at 'https://xyz.com:11111/api/accounts/login' from origin 'https://xyz.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
The server url is :https://xyz.com:11111 The cliente url is :https://xyz.com
Here is the code in startup.cs:
public void ConfigureServices (IServiceCollection services) { services.AddCors (policy => { policy.AddPolicy ("CorsPolicy", opt => opt .AllowAnyOrigin () .AllowAnyHeader () //.WithOrigins("https://xyz.com ")
//.WithMethods("PUT "," DELETE "," GET "," POST "," OPTIONS ") .AllowAnyMethod () .AllowCredentials () //.SetIsOriginAllowed((host) => true) //.WithExposedHeaders("X-Pagination ") // ); });
services.AddDbContext
services.AddScoped <IProductRepository, ProductRepository> (); services.AddScoped <ITokenService, TokenService> ();
services.AddIdentity <User, IdentityRole> ()
.AddEntityFrameworkStores
var jwtSettings = Configuration.GetSection ("JwtSettings"); services.AddAuthentication (opt => { opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }). AddJwtBearer (options => { options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidateAudience = true, ValidateLifetime = true, ValidateIssuerSigningKey = true,
ValidIssuer = jwtSettings.GetSection ("validIssuer"). Value,
ValidAudience = jwtSettings.GetSection ("validAudience"). Value,
IssuerSigningKey = new SymmetricSecurityKey (Encoding.UTF8.GetBytes (jwtSettings.GetSection ("securityKey"). Value))
};
});
//services.AddMvc ();
services.AddControllers ();
/services.Configure
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure (IApplicationBuilder app, IWebHostEnvironment env) { //app.UseOptions (); if (env.IsDevelopment ()) { app.UseDeveloperExceptionPage (); }
app.UseRouting (); app.UseCors ("CorsPolicy");
app.UseHttpsRedirection ();
app.UseStaticFiles (); app.UseStaticFiles (new StaticFileOptions () { FileProvider = new PhysicalFileProvider (Path.Combine (Directory.GetCurrentDirectory (), @ "StaticFiles")), RequestPath = new PathString ("/ StaticFiles") });
//app.UseCorsMiddleware (); app.UseAuthentication (); app.UseAuthorization ();
app.UseEndpoints (endpoints => { endpoints.MapControllers (); }); }
Could you tell me what the problem can be? Is it related to the IIS configuration? Thanks
parko65
Hi, the problem occurs when publishing the two apps on iis. What changes need to be made to publish apps on iis? Thanks