Menu
how to intercept an http options request (Cors Preflight) before the windows authentication of IIS ?
I make a middleware and i tryed this :
public async Task Invoke(HttpContext context)
{
if (context.Request.Method.Equals("OPTIONS"))
{
context.Response.StatusCode = 204;
context.Response.Headers.Add("Access-Control-Allow-Origin", new [] {"http://cwfr003320:9393"});
context.Response.Headers.Add("Access-Control-Allow-Credentials", new[] { "true" });
context.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "GET, POST, PUT, DELETE, OPTIONS" });
context.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Accepts, Content-Type, Origin,Access-Control-Allow-Origin, Access-Control-Allow-Credentials" });
context.Response.Headers.Add("Access-Control-Max-Age", new[] { "3600" });
return;
}
await _next.Invoke(context);
}
But, i get a 401 code for the options request. How i can resolve this error ? With Anonymous authentication it's work correctly...
Thank you in advance.
279
You need to use IIS CORS module to allow preflight requests to go through Windows authentication,
https://blogs.iis.net/iisteam/getting-started-with-the-iis-cors-module
107
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
