Access to XMLHttpRequest at 'http://localhost...' from origin has been blocked by CORS policy:

Question

I have a .net core app which has a REST API being used by an angular client but running into CORS issue.

In the .net core, I already have

app.UseCors(); 

in the configure method as well as has set the response headers to

Access-Control-Allow-Headers *
Access-Control-Allow-Methods *
Access-Control-Allow-Origin *

but still getting the error in the client (running on port 4200 locally):

Access to XMLHttpRequest at 'http://localhost/myAPI/api/Table' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

Answer 1

if use web api you can use this code :

public override Task TokenEndpointResponse(OAuthTokenEndpointResponseContext context)
{
    context.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
    return base.TokenEndpointResponse(context);
}

Answer 2

What I did was add cors to the configure services method:

    services.AddCors(options =>
            {
                options.AddPolicy("CorsPolicy", builder =>
                {
                    builder.AllowAnyHeader()
                    .AllowAnyMethod()
                    .AllowCredentials();
                });
            });

and then in the Configure method

 app.UseCors("CorsPolicy");

Answer 3

Pass-through for preflight requests:

if (context.Request.Method == "OPTIONS")
    {
     return;
    }

Also Read this: Enable Cross-Origin Requests (CORS) in ASP.NET Core