From the course: ASP.NET: Security

Unlock the full course today

Join today to access over 22,600 courses taught by industry experts or purchase this course individually.

Enabling CORS in ASP.NET Web API

Enabling CORS in ASP.NET Web API

From the course: ASP.NET: Security

Start my 1-month free trial

Enabling CORS in ASP.NET Web API

- [Instructor] In our application, we also have one cross-domain call in our main layout page, which is the basis for all the pages in our app. query our Temperature API. But, unfortunately, it's a cross-domain call, You can validate this in the browser. If you open up the F12 tools, go to the console, we see that, yeah, access to an XMLHTTPRequest was blocked due to CORS. And if you go to the network tab, actually, let me zoom out before we do this, and then filter by XMLHTTPRequests, the request to temperature, I mean, if we load it directly in the browser, it works. Right? But if we have a look at the headers, we see that the request headers include the origin that has automatically be set, was sent to the browser, again was sent to the server, but no Access-Control-Allow-Origin comes back. And therefore, this cross-domain call doesn't work, yet. If you want to use CORS in ASP.NET on the server side, basically we are talking about Web API because it only makes sense if you have…

Contents