Reputation: 317
.Net Core 3.1, cors policy issue although followed Documentation
.Net Core 3.1
I followed a default policy from the official doc. https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.1
It is giving me an error from react app. I am not sure what I did wrong here.
Upvotes: 1
Views: 273
Answers (1)
Reputation: 10221
As you can read here
Unauthenticated preflight requests fail when CORS Middleware comes after Authentication Middleware.
This gets ugly here now because we don't also say that Static File Middleware has to come after CORS Middleware in scenarios where static files require CORS.
We sought to address this in a general way on #10839 because any middleware that may use CORS has to come after the CORS Middleware to work.
Perhaps, that PR (for the CORS topic) didn't go far enough. I did a quick search on the repo, and I don't see a single sample or text reference specifically for CORS and Auth Middleware ordering. I can open an issue to address it further in the CORS topic, but I'm 🏃 for a bit if you want me to work it.
For now, I'll ping for engineering. First tho, I'll try to touch this up for static files.
As you already know, the order of middleware execution in dotnetcore is important and it seems that the documentation is out of date, so place your policy before app.UseStaticFiles();
All the best
Upvotes: 3
Related Questions
- Problem in enabling CORS in asp net core web api v3.0
- CORS policy errors
- Unexpected behavior with CORS on .NET Core
- ASP.NET Core API Enabling Cors not working
- Asp.net Core 3.0 CORS not working based on official documentation
- Configure Strict Cors .Net Core 3.1
- .NET Core 2.2 CORS Not Allowing Requests
- CORS policy Bug
- CORS in .NET Core 3.0
- NET Core Cors throws error