Reputation: 361
CorsMiddleware in OWIN
I'm still trying to get my head around OWIN, and in particularly why would I want to configure CORS thru OWIN using the CorsMiddleware:
appBuilder.UseCors(…)
Instead of just keep using the HttpConfiguration, like this:
var config = new HttpConfiguration();
config.EnableCors(…);
appBuilder.UseWebApi(config);
Given that the latter is compatible with both EnableCors and DisableCors attributes, which gives you a more fine-grained control (at least I haven't been able to find a way to configure the CorsMiddleware in a per Controller basis).
Upvotes: 1
Views: 674
Answers (2)
Reputation: 110
I would like to share that in the IAppBuilder, one may set several CORS settings in System.Web.Cors.CorsPolicy including a list of allowed origins. Then create the Microsoft.Owin.Cors.CorsOptions from the CorsPolicy:
var corsPolicy = new CorsPolicy
{
// ...
};
corsPolicy.Origins.Add(origin);
var corsOptions = new CorsOptions
{
PolicyProvider = new CorsPolicyProvider
{
PolicyResolver = context => Task.FromResult(corsPolicy)
}
};
// finally
app.UseCors(corsOptions);
Upvotes: 0
Reputation: 142134
If the Web API CORS stuff works for you then just use it. The only reason to use the Owin Middleware is if you app framework doesn't support it, or if you have multiple apps hosted together and would rather have you one CORS handler.
Owin middleware allows the writers of the middleware to only have to write it once, not for each framework. As a consumer it doesn't add much value to you.
Upvotes: 1
Related Questions
- Enable CORS for Web Api 2 and OWIN token authentication
- CORS is not working in web api with OWIN authentication
- Web API CORS implementation
- CORS error on Owin Self Host WebApi2
- WebAPI OWIN SelfHosting CORS support
- CORS and ASP.Net Web API
- Cors not working in web api 2.0
- Self-Hosted WEB API in OWIN with CORS
- CORS implementation in WEBAPI - .net framework 4.0
- Owin Cors Error