Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ASP.NET Core Web Api sending Access-Control-Allow-Origin: null CORS header and chrome is erroring, how to fix?

Tags:

c#

.net

cors

asp.net-core

asp.net-core-webapi

Yesterday I managed to have my API working on my local computer, however today (same code) on another computer, it's not working, I am getting this error on the console:

Failed to load http://localhost:52056/api/task: The 'Access-Control-Allow-Origin' header has a value 'null' that is not equal to the supplied origin. Origin 'null' is therefore not allowed access.

Here is the http request and response on Chrome:

enter image description here

(I don't see errors in IE/Firefox)

Here is my startup class (using .net core 2)

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using TodoApi;

namespace TestCors
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddSingleton<ITaskWarehouse, TaskWarehouse>();

            services.AddCors();
            services.AddMvc();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseCors(builder => builder
                    .AllowAnyOrigin()
                    .AllowAnyMethod()
                    .AllowAnyHeader()
                    .AllowCredentials());
            app.UseMvc();
        }
    }
}

What is wrong here? The code is the same from yesterday, however I was running on Windows 10 and this machine has Windows 7. Any thoughts? Thanks

like image 547
TiagoM Avatar asked Mar 15 '18 13:03

TiagoM

1 Answers

Try removing

.AllowCredentials()

CORS doesn't allow you to have .AllowCredentials() AND .AllowAnyOrigin() for the same policy. I don't why it worked on a different machine.

This is from ASP.NET page

The CORS spec also states that setting origins to "*" is invalid if SupportsCredentials is true.

like image 194
Simply Ged Avatar answered Sep 26 '22 01:09

Simply Ged
Sign in to Comment

Related questions

Can't get result from task list
Adding COM Objects to Asp Net Core
UWP NavigationView is not supported
C# Returning a generic interface from a factory
How do I use converters in Xamarin.Forms to convert text to color?
Where does ASP.Net Core `cookies authentication` store a reference to that cookie?
Testing ASP Net Core Application with SQLite throws unknown function: newid()
"Method not found" exception. Why AppDomain.CurrentDomain.AssemblyResolve doesn't work?
Execute long time command in SSH.NET and display the results continuously in TextBox
signalr unity3d connection
Convert Gmail Date to your DateTime as displayed in Gmail Account
How secure is the WPF PasswordBox, really?
Mask domain email address using regular expression
Cannot serialise to XML in ASP.NET Core 2
Graph API get users from Azure AD
Create an image from byte[] using ImageSharp
Infer generic type with two generic type parameters [duplicate]
false "missing assembly reference" in visual studio 2017
Use login_hint with OpenID
Microsoft Graph - Filtering in SDK C#

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!