0

I built an ASP.NET core Web API (net core 3.1), and I try to enable CORS but it seems not working.

Startup.cs:

public void ConfigureServices(IServiceCollection services)
{
    services.AddCors(options =>
    {
        options.AddPolicy("AllowMyOrigin",
        builder =>
        {
            builder.SetIsOriginAllowed(t => true)
            .AllowCredentials();
        });
    });
    ...
}


public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    //app.UseHttpsRedirection();


    app.UseRouting();

    app.UseCors("AllowMyOrigin");

    app.UseAuthentication();
    app.UseAuthorization();

    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllers();
    });
    app.UseHttpsRedirection();
}

Controller:

[Route("api/[controller]")] 
[ApiController]
public class airdata_updateController : ControllerBase
{
    [EnableCors("AllowMyOrigin")]
    [HttpGet]
    public string test()
    {
        return "ok";
    }

    ...
}

I use Postman test my API on local computer and it working well: local computer

But I use Postman on other computer in the same LAN to call my API, it failed: other computer

What should I do?

Improve this question
4
  • 1
    That's not a CORS issue at all. The error message says right there that you have a connection timeout issue. Check your firewall settings and if your development web-server is configured to allow remote connections. Commented Jul 12, 2020 at 4:13
  • You need listen not only in local host, you need also listen in local network interface. Commented Jul 12, 2020 at 4:15
  • help link: learn.microsoft.com/en-us/aspnet/core/security/… and stackoverflow.com/questions/44379560/… Commented Jul 12, 2020 at 4:32
  • Thank you, Dai! You are right, it is firewall issue. Commented Jul 12, 2020 at 5:31

2 Answers 2

Reset to default
0

Try this:

    public void ConfigureServices(IServiceCollection services)
    {
        ...
        
         services.AddCors();

        ...
    }

    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
       ...
       
        app.UseCors(
            options => options.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()
        );

       ...
    }

You won't need any decorators in your controller methods, the specified CORS policy ( AllowAnyOrigin, AllowAnyHeader, AllowAnyMethod) is applied in all of them. In order to customize the policy, check https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.1

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks for your reply! I tried it but CORS still not working.
0

maybe this option can help you.

services.AddCors(options =>
            {
                options.AddPolicy("AllowMyOrigin",
                    builder => builder
                        .AllowAnyMethod()
                        .AllowAnyHeader()
                        .AllowAnyOrigin()

                );
            });
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.