Menu
I see that .NET Core 3.x comes with a new special configuration AllowedHosts used to list hosts allowed to access the site while this option already exists with CORS (app.UseCors).
What's the difference between these two options?
761
As per the documentation, allowedHosts is used for host filtering to bind your app to specific hostnames. For example, if you replace following: "AllowedHosts": "*" with "AllowedHosts": "example.com" and you try to access your app using http://localhost:xxxx/ address you will get default bad request (400) response.
The appsettings. json file is generally used to store the application configuration settings such as database connection strings, any application scope global variables, and much other information.
Of course, we can add and use multiple appsettings. json files in ASP.NET Core project. To configure and read data from your custom json files, you can refer to the following code snippet.
As per the documentation, allowedHosts is used for host filtering to bind your app to specific hostnames. For example, if you replace following:
"AllowedHosts": "*" with
"AllowedHosts": "example.com" and you try to access your app using http://localhost:xxxx/ address you will get default bad request (400) response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"> <HTML> <HEAD> <TITLE>Bad Request</TITLE> <META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"> </ HEAD> <BODY> <h2>Bad Request - Invalid Hostname</h2> <hr> <p>HTTP Error 400. The request hostname is invalid.</p> </BODY> </HTML> Because of the host-filtering middleware not allowing the app to bind the app to any other hostname except example.com.
CORS, on the other hand, is to control which hosts try accessing a resource (API) on your app.
107
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
