-1

I have an application which is developed in 4.8 framework and another application .NET 8.0. The one in 4.8 is where I am developing the API's and consuming in the other project. I added this in web.config but no luck. Initially I got it when I am using a GET call but after adding this it was good. But the same is not working for POST call so can some one let me know what changes I need to do

<customHeaders>
    <add name="Access-Control-Allow-Origin" value="*" />
    <add name="Access-Control-Allow-Headers" value="Content-Type" />
    <add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" />
    <add name="Access-Control-Allow-Credentials" value="true" />
</customHeaders>

Here is my controller

public class CustomerController : ApiController
{
   [Route("api/process-all-ids")]
   [HttpPost]
   public async Task<IHttpActionResult> ProcessAllIds([FromBody] List<int> ids)
   {
   }
}
Improve this question
3

1 Answer 1

Reset to default
0

This is what I tried and it worked removed the web.config settings related to CORS and added the following

Removed this from config

<customHeaders>
    <add name="Access-Control-Allow-Origin" value="*" />
    <add name="Access-Control-Allow-Headers" value="Content-Type" />
    <add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" />
    <add name="Access-Control-Allow-Credentials" value="true" />
</customHeaders>

protected void Application_BeginRequest(object sender, EventArgs e)
{
    var originHeader = Request.Headers["Origin"];
    if (!string.IsNullOrEmpty(originHeader))
    {
        Response.Headers.Remove("Access-Control-Allow-Origin");
        Response.Headers.Remove("Access-Control-Allow-Methods");
        Response.Headers.Remove("Access-Control-Allow-Headers");
        Response.Headers.Remove("Access-Control-Allow-Credentials");

        Response.Headers.Add("Access-Control-Allow-Origin", originHeader);
        Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
        Response.Headers.Add("Access-Control-Allow-Headers", "Content-Type, Accept, Authorization");
        Response.Headers.Add("Access-Control-Allow-Credentials", "true");

        if (Request.HttpMethod == "OPTIONS")
        {
            Response.StatusCode = 200;
            Response.End();
        }
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.