Reputation: 3417
ASP.NET Core 8 Web API Cors blocked only into POST
This is my Program.cs file:
using BackendTemplate.Utils;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Text;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
builder.Services.AddAuthorization();
builder.Services.AddCors(o => o.AddPolicy("MyPolicy", builder =>
{
builder.WithOrigins("*")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin();
}));
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseCors("MyPolicy");
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
This is my controller
[HttpPost]
public ApiResponse<string> Post([FromBody] UsrUser user)
{
// .....
}
Only the POST generates a CORS error; the GET works correctly.
This is my error on Angular console:
Access to XMLHttpRequest at 'https://mydns/api/login' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I cannot understand how to solve this problem, is the first time this happens to me.
Upvotes: 2
Views: 320
Answers (1)
Reputation: 160
This is not .NET 8's fault, there were multiple questions years before .NET 8 is released (ok some questions are related to .NET 8 but it's innocent):
- JavaScript XMLHttpRequest using JsonP
- Asp.net Core CORS works with GET but not wit POST
- How can I fix my cors error in ASP.NET Core 8 app?
- CorsPolicy error after upgrading to .NET 8
The root cause is CORS preflight request.
Some answers involved JSONP but I chose the simplest solution: skip the preflight request.
You can edit your request so that the browser will not send preflight request, according to the docs:
- https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-8.0#preflight-requests
- https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests
Upvotes: 0
Related Questions
- How to enable CORS in ASP.net Core WebAPI
- Why doesn't adding CORS headers to an OPTIONS route allow browsers to access my API?
- Return file in ASP.Net Core Web API
- How to enable CORS in ASP.NET Core
- Getting only response header from HTTP POST using cURL
- How to enable cors in ASP.NET Core 6.0 Web API project?
- How to add custom header to ASP.NET Core Web API response
- ASP.NET core web api middleware overriding cors