Closed enricobenedos closed 4 years ago
@enricobenedos specifying AllowAnyOrigin
with AllowCredentials
is disallowed by the builder and is likely throwing. I'd expect to see a managed exception that says as much. Do you see one?
Thank you @pranavkm you are right. Removing AllowCredential
the application start normally without any error.
I'm trying to solve an error caused by CORS in my API. When I try to do some requests with Postman all works well, when I try with a Dart backend I receive these errors in the browser console:
OPTIONS http://localhost:5000/api/gpx 405 (Method Not Allowed)
Access to XMLHttpRequest at 'http://localhost:5000/api/gpx' from origin 'http://localhost:49487' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Now I'm not able to understand if it is a NetCore API issue or Dart backend.
Finally I solve my second error moving the UseCors()
call before all the others
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseCors(MyAllowSpecificOrigins);
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
Describe the bug
API debug does not start when adding cors policies
To Reproduce
Exception
Further technical details