I don't get a cors error when I run it locally. but when i publish on hosting i get cors error.
error:
Access to XMLHttpRequest at 'https://mp3-api.batuhanfindik.com/api/User/Login' from origin 'https://www.batuhanfindik.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
code:
builder.Services.AddCors(options => options.AddDefaultPolicy(policy => {
policy.WithOrigins(new[] {
"https://www.batuhanfindik.com",
"https://batuhanfindik.com",
"http://www.batuhanfindik.com",
"http://batuhanfindik.com",
"https://www.mp3-api.batuhanfindik.com",
"https://mp3-api.batuhanfindik.com",
"http://www.mp3-api.batuhanfindik.com",
"http://mp3-api.batuhanfindik.com",
"https://localhost:3000",
"https://172.34.1.78:3000",
"https://localhost:3001"
})
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials();
}));
app.UseCors(options =>
options.WithOrigins(new[] {
"https://www.batuhanfindik.com",
"https://batuhanfindik.com",
"http://www.batuhanfindik.com",
"http://batuhanfindik.com",
"https://www.mp3-api.batuhanfindik.com",
"https://mp3-api.batuhanfindik.com",
"http://www.mp3-api.batuhanfindik.com",
"http://mp3-api.batuhanfindik.com",
"https://localhost:3000",
"https://172.34.1.78:3000",
"https://localhost:3001"
})
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials()
);
only in api sub domain. The site the user entered is in the main domain. interface master domain. api subdomain.
Now I fixed it somehow. but this time i don't get cors error from my computer. When I enter from other devices, it gives a cors error.
CodePudding user response:
Please try this once.
private static readonly string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
builder.Services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins,
build =>
{
build.WithOrigins('url-here').AllowAnyHeader().AllowAnyMethod();
});
});
CodePudding user response:
I solved on my project using the following code.
On the startup.cs file in the public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
Add the following line after app.UseRouting
app.UseCors(
options => options.SetIsOriginAllowed(x => _ = true).AllowAnyMethod().WithHeaders(new[] { $"{headersStandard}, {headersLowered}" }).AllowCredentials()
);
I set custom headers so I need to set cors accordingly thus the (with headers)
Then in the public void ConfigureServices(IServiceCollection services)
method add the following line after services.AddControllers();
services.AddCors();