search

dotnet / aspnetcore

ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.
https://asp.net
MIT License
35.24k stars 9.95k forks source link

The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed #2237

Closed helderboone closed 6 years ago

helderboone commented 6 years ago

I created an angular 1 app which consumes an RESTfull web service (asp net core 1.1).

I have enabled CORS with the following settings:

Startup.cs

 public void ConfigureServices(IServiceCollection services)
        {
        services.AddCors(options => options.AddPolicy("AllowAll", p => p.AllowAnyOrigin().AllowAnyMethod().WithHeaders("accept", "content-type", "authorization")));        
            var mvc = services.AddMvc();
    }

 public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            app.UseCors("AllowAll");
      }

FooController.cs

    [EnableCors("AllowAll")]
    public class FooController : Controller
    {   }

The angular http method call

 $http({
                    method: 'POST',
                    url: 'https://www.mydomain.com/api/foo/',
                    data: data,
                    headers:
                    {
                        'Content-Type': 'application/json',
                        'Authorization': 'Basic mytoken'
                    }
                })

Any thoughts?

Tratcher commented 6 years ago

This issue was moved to aspnet/CORS#129