Reputation: 34129
Enable CORS for any port on localhost
in asp.net core i can use middleware to enable CORS on certain methods as described here
i want to know if its possible to enable CORS for any scheme and any port on localhost ( for testing purpose only). i tried wildcard and it does not work
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
if(_environment.IsDevelopment())
{
options.AddDefaultPolicy(
builder =>
{
builder.WithOrigins("http://localhost/*",
"https://localhost/*");
});
});
}
else
{
options.AddDefaultPolicy(
builder =>
{
builder.WithOrigins("http://example.com",
"http://www.contoso.com");
});
});
}
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
}
Upvotes: 56
Views: 44155
Answers (3)
Reputation: 1827
This is a bit of an older post and the examples above did not work for me.
Following this guide on Microsoft site it worked.
My Example localhost (React front end calling .NET Api). See the blocks marked CORS. The original with port localhost:5174 is the React site on localhost.
public static void Main(string[] args) {
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddControllers();
//CORS-----------------------------
var specificOrgins = "AppOrigins";
builder.Services.AddCors(options =>
{
options.AddPolicy(name: specificOrgins,
policy =>
{
policy.WithOrigins("http://localhost:5174");
});
});
//CORS-----------------------------
var app = builder.Build();
//CORS-----------------------------
app.UseCors(specificOrgins);
//CORS-----------------------------
// Configure the HTTP request pipeline.
app.UseAuthorization();
app.MapControllers();
app.Run();
}
Upvotes: 2
Reputation: 93213
ASP.NET Core's SetIsOriginAllowed method gives you full control over whether or not an origin is allowed to participate in CORS. Here's an example based on your code sample:
if(_environment.IsDevelopment())
{
options.AddDefaultPolicy(builder =>
{
builder.SetIsOriginAllowed(origin => new Uri(origin).Host == "localhost");
});
}
else
{
// ...
}
The origin value passed in to the SetIsOriginAllowed delegate is the full origin, which looks something like http://localhost:8080. Using Uri, the code above compares the Host against localhost, which ends up allowing all localhost origins.
Upvotes: 102
Reputation: 9
I'm currently using this for testing and it works, if you take the wildcard off yours should work.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddMvc();
services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins,
builder =>
{
builder.WithOrigins("http://localhost");
});
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
Upvotes: -5
Related Questions
- How to enable CORS in ASP.NET Core
- How to enable CORS in Asp.Net Core 3.0 WebAPI
- How to enable Cors for every type of request in asp.net core 3.1
- Allow Cors Origin in ASP.NET Core
- .Net Core Configure CORS to allow all subdomains and all localhost ports at the same time
- ASP.NET Core API Enabling Cors not working
- Configure Strict Cors .Net Core 3.1
- CORS policy blocking for localhost on AspNetCore
- CORS issue with port
- Exception when trying to enable CORS globally