Menu
I, am using the SignalR features on angular 6 and asp.net core. But keep getting this error Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'.
Did some research and found that it is CORS issue from the server side.So modified the server code.
startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.WithOrigins("http://localhost:4200");
}));
services.AddSignalR();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseCors("CorsPolicy");
app.UseSignalR(routes =>
{
routes.MapHub<SignalR>("/rule");
});
}
angular app
ngOnInit() {
this.callSignalR()
}
private callSignalR(): void {
// set up the signal R
let connection = new signalR.HubConnectionBuilder().withUrl(environment.baseUrl+"/rule").build();
//start the connection
connection.start().then(() => connection.invoke("updateRules", this.autheService.getCurrentuser.userId));
//Get the response from the server
connection.on("updateRules", data => {console.log(data);});
}
references
Access-Control-Allow-Origin - Angular 5
'Access-Control-Allow-Credentials' header in the response is '' which must be 'true'
https://github.com/aspnet/SignalR/issues/2095
https://github.com/SignalR/SignalR/issues/1694
https://github.com/aspnet/SignalR/issues/2110
905
Simple Requests. Another way to avoid Preflight requests is to use simple requests. Preflight requests are not mandatory for simple requests, and according to w3c CORS specification, we can label HTTP requests as simple requests if they meet the following conditions. Request method should be GET , POST , or HEAD .
The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to the frontend JavaScript code when the request's credentials mode ( Request. credentials ) is include . When a request's credentials mode ( Request.
The CORS request requires preflight, preflighting could not be performed. There are a couple of reasons why preflighting might fail: A cross-site request has previously been performed that already did a preflight, and doing the preflight again is not permitted. Make sure your code only preflights once per connection.
How Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one route Error Occurs ? Just Disable CORS policy security. Go to google extension and search for Allow-Control-Allow-Origin. Now add it to chrome and enable.
You must allow credentials for your cors-policy because signalr is passing cookies as well.
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials()
.WithOrigins("http://localhost:4200");
}));
services.AddSignalR();
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
