CORS in WCF

[sathley]

In the message inspector you have added the CORS headers in every call which is not required. Applying CORS headers only for OPTIONS calls would have done the trick as well. Plus you want to also specify the "Access-Control-Max-Age" header so as to cache the CORS call.

[monsur]

Hi Sushant. Thanks for the feedback. Would you be willing to pull together a patch? The relevant page is here: https://github.com/mhausenblas/enable-cors.org/blob/gh-pages/server_wcf.html