CODEWITHSUNDEEP
c#angularjsnode.jsservicestack
Ohjay44
Ohjay44

Reputation: 897

CORS issue with C# Servicestack and NodeJS

I am having an issue with CORS through Servicestack C# API. I have an angularjs application that is being served up through a nodejs back-end running on a Microsoft Server. NodeJS serves up the angular project just fine and node itself has no issue contacting the Servicestack service that I have running on a different domain but on the same server. The issue comes when I need to make a Microsft Active Directory call to get the current active user. In order to correctly make this call I have to call the Servicestack service from my angularjs project. When I make that call I get No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://domain1:8080' is therefore not allowed access I have other projects that I can make this same call from just fine but for some reason I can't seem to make this one work.

Angularjs call (http://domain1:8080): 

 $http.get("http://domain2/dochelper/GetActiveAccount?format=json", { headers: { "siteprefix": prefix } })
        .then(function successCallback(resp) {
            console.log(resp.data);
        }, function errorCallback(resp) {

        });

Servicestack request: 

[Route("/GetActiveAccount")]
public class GetActiveAccount
{
    public string Id { get; set; }
}

[Authenticate]
public AccountDTO Get(GetActiveAccount request)
{
    AccountDTO obj = new AccountDTO();

    var ses = this.GetSession() as AuthUserSession;

    return obj;
}

Servicestack CORS config: 

            Plugins.Add(new CorsFeature(allowOriginWhitelist: new[] { "http://winexpresstest:8080" },
                allowedMethods: "GET, POST, PUT, DELETE, OPTIONS",
                allowedHeaders: "Content-Type, Authorization, Session-Id, ViewPort-Width, ViewPort-PixelRatio, Accept-Ranges, Pragma, Cache-Control, If-Modified-Since, Access-Control-Allow-Origin, siteprefix",
                allowCredentials: true));

            Plugins.Add(new AuthFeature(() => new AuthUserSession(), new ServiceStack.Auth.IAuthProvider[] {
               new AspNetWindowsAuthProvider(this) {
                    LoadUserAuthFilter = LoadUserAuthInfo,
                    AllowAllWindowsAuthUsers = true
                },
            }));

        }

Upvotes: 2

Views: 165

Answers (1)

mythz
mythz

Reputation: 143389

You'll want to specify the origins in the white list to have the domain explicitly listed in the Access-Control-Allow-Origin HTTP Response header, e.g:

Plugins.Add(new CorsFeature(allowOriginWhitelist: new [] { "http://domain1:8080" },
    allowedMethods: "GET, POST, PUT, DELETE, OPTIONS",
    allowCredentials: false));

Upvotes: 3

Related Questions