Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AspNetCore.SignalR 2.1 and CORS

I'm migrating our SignalR-Service to the new AspNetCore.SignalR (2.1 preview) and now I get problems with CORS. I will never access the service from the same origin, so I need to disable CORS in general.

I have the folowing CORS policy

services.AddCors(
            options => options.AddPolicy("AllowCors",
                builder =>
                {
                    builder
                        .AllowAnyOrigin()
                        .AllowCredentials()
                        .AllowAnyHeader()
                        .AllowAnyMethod();
                })
        );

(My WebApi-Controller calls from a different origin are working fine with these policy)

With the old preview package of SignalR for AspNetCore (AspNetCore.SignalR.Server) I don't got any problems but now, my test client got some http-405 which seems like an issue with CORS.

Is there maybe a extra CORS configuration for SignalR, or do I need to allow something else?

Edit: I created a fresh/clean sample project without any special middleware to check If the error happens here and it does.

Sample WebApplication | startup.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using WebApplication1.HUBs;

namespace WebApplication1
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddCors(
                options => options.AddPolicy("AllowCors",
                    builder =>
                    {
                        builder
                            .AllowAnyOrigin()
                            .AllowCredentials()
                            .AllowAnyHeader()
                            .AllowAnyMethod();
                    })
            );
            services.AddMvc();
            services.AddSignalR(options =>
            {
            });
        }
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseCors("AllowCors");
            app.UseMvc();
            app.UseSignalR(routes =>
            {
                routes.MapHub<TestHub>("/test");
            });
        }
    }
}

Sample Winforms Application

        private HubConnection _hubConnection;
    private void button1_Click(object sender, EventArgs e)
    {
        var connection = new HubConnectionBuilder().WithUrl("http://localhost:63771/test")
            .WithConsoleLogger()
            .WithTransport(Microsoft.AspNetCore.Sockets.TransportType.WebSockets)
            .Build();
        connection.StartAsync();
    }

Sample Winforms Application ConsoleOutput

fail: Microsoft.AspNetCore.Sockets.Client.HttpConnection[8]
   01/10/2018 15:25:45: Failed to start connection. Error getting negotiation response from 'http://localhost:63771/test'.
System.Net.Http.HttpRequestException: Response status code does not indicate success: 405 (Method Not Allowed).
   bei System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
   bei Microsoft.AspNetCore.Sockets.Client.HttpConnection.<Negotiate>d__42.MoveNext()
like image 928
slxSlashi Avatar asked Jan 10 '18 11:01

slxSlashi


People also ask

Does SignalR require Websockets?

SignalR uses the new WebSocket transport where available and falls back to older transports where necessary. While you could certainly write your app using WebSocket directly, using SignalR means that a lot of the extra functionality you would need to implement is already done for you.


2 Answers

This didn't work for me and a subtly different version did -

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
  ...
  app.UseCors(builder => builder
    .AllowAnyHeader()
    .AllowAnyMethod()
    .SetIsOriginAllowed((host) => true)
    .AllowCredentials()
  );

  app.UseSignalR(routes => { routes.MapHub<ChatHub>("/chatHub"); });
  app.UseMvc();
}
like image 183
Ian Grainger Avatar answered Sep 20 '22 15:09

Ian Grainger


Try to move app.UseSignalR() on top of app.UseMvc() like this

app.UseCors("AllowCors");
app.UseSignalR(routes =>
    {
        routes.MapHub<TestHub>("/test");
    });
app.UseMvc();
like image 42
user9496864 Avatar answered Sep 17 '22 15:09

user9496864