dsuryd
commented
4 years ago I'm no CORS expert, but the preflight response error seems to indicate the configuration is too permissive? See this SO.
Closed DevZ1 closed 4 years ago
dsuryd
commented
4 years ago I'm no CORS expert, but the preflight response error seems to indicate the configuration is too permissive? See this SO.
dsuryd
commented
4 years ago Closed for inactivity.
Hi,
I have a SPA application hosted in Docker container (webhost) with all CoRS headers allowed etc. My Dotnetify application is hosted also on another docker container port 4001 within .net core webhost solution. If i test locally everything is ok (against port 4001), but if i want to use it online where my SPA is hosted on port 443 with SSL certificate I get the following error:
Access to XMLHttpRequest at 'https://xxxxxxx.xxxx.com/dotnetify/negotiate' from origin 'https://xxxxx.xxxxxx.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
I use nginx to create https url for dotnetify https://xxxxxxx.xxxx.com/dotnetify/negotiate but somehow i get this error. Either nginx is not configured properly or all my efforts on the dotnetify app to allow cors don't work. Anybody else had this situation and how did you solve this?
Thank you for your help. Hayko.