CORS doesn't seem to be working

[halfrubbish]

I have the following code which is to act as a json proxy between two bits of my network but the CORS header doesn't seem to be being added on. Chrome complains and I also can't see the header if I just do a normal powershell invoke-webrequest on it.

Any ideas why?

`

    public MainPage()
    {
        this.InitializeComponent();
        Run();
    }

    public async Task Run()
    {
        var restRouteHandler = new RestRouteHandler();
        restRouteHandler.RegisterController<ParameterController>();

        var configuration = new HttpServerConfiguration()
          .ListenOnPort(8800)
          .RegisterRoute("api", restRouteHandler)
          .EnableCors(x=> x.AddAllowedOrigin("http://mydomain.com"));

        var httpServer = new HttpServer(configuration);
        await httpServer.StartServerAsync();

    }

   [RestController(InstanceCreationType.Singleton)]
   public class ParameterController
   {

   [UriFormat("/epms")]
    public async Task<GetResponse> GetEPMS()
    {
        var contents = "";
        var wr = WebRequest.CreateHttp("http://192.168.1.90/current-sample");
        wr.ContentType = "Application/json";

        var responseTask = Task.Factory.FromAsync<WebResponse>
                                  (wr.BeginGetResponse,
                                   wr.EndGetResponse,
                                   null);
        using (var response = (HttpWebResponse)await responseTask)
        {
            Stream responseStream = response.GetResponseStream();
            using (var reader = new StreamReader(responseStream))
            {
                contents = reader.ReadToEnd();
            }

        }

        var json = JsonConvert.DeserializeObject(contents);

        return new GetResponse(
          GetResponse.ResponseStatus.OK,
          json);
    }

}

`

[Jark]

Hi @mattpacker,

Can you show me the Invoke-WebRequest you're doing? are you adding the Host header with your domain when you invoke the request?

Also, are you sure your json request is coming from http://mydomain.com and not from any subdomain (like for example http://www.mydomain.com) ? The host header will have to exactly match what you pass into AddAllowedOrigin.

[tomkuijsten]

I tested this scenario and the headers do get added. I think @Jark raised the possible problem. A simple test for you @mattpacker would be to use the EnableCors() method, without explicitly specifying the host. That should work.

[tomkuijsten]

@mattpacker I created a reproduction scenario with Chrome and got the same error message, I'm investigating it right now.

[Jark]

@tomkuijsten thanks for investigating.

Make sure you use fiddler to examine the responses and not chrome itself. Chrome will sometimes leave out some of the headers / remove headers that you specify in your JavaScript.

[tomkuijsten]

Well chrome did it perfectly well, the problem was that I made the exact same mistake as @mattpacker probably. I didn't use the EnableCors() but specified a wrong host. When I fixed that it all worked fine, tested in Chrome (developer tools are not that clear about the problem though, you should check the console for the real error).

@mattpacker, please, confirm that it was the hostname, or else add another reproduction scenario.

[halfrubbish]

Hmm. I am still having issues here. Is it possible I can supply you with the hostname / IP address to your email to avoid pasting here and you can take a look?

Thank you for your help.

[tomkuijsten]

Send me an e-mail: tomkuijsten at gmail.com

[tomkuijsten]

Didn't receive anything yet. We're using CORS internally here and have no problem at all. I'm gonna close this issue, if you send me some reproduction scenario we can reopen it.