✅ CORS issue when making GET request to server running asp application.

Hi,

I have this api: https://wsapi.tyrells.net/api/categories
And this webapp: https://wordsearch.tyrells.net/

This is the CORS code in the api:

var app = builder.Build();

app.UseCors(builder => builder.WithOrigins(["https://wordsearch.tyrells.net/", "https://wordsearch-tyrells-net.pages.dev/"])
    .AllowAnyHeader()
    .AllowAnyMethod()
    .AllowCredentials());

var app = builder.Build();

app.UseCors(builder => builder.WithOrigins(["https://wordsearch.tyrells.net/", "https://wordsearch-tyrells-net.pages.dev/"])
    .AllowAnyHeader()
    .AllowAnyMethod()
    .AllowCredentials());

This is the error in the webapp console:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://wsapi.tyrells.net/api/categories. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://wsapi.tyrells.net/api/categories. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.

The server receives the request when fetching from the webapp.

info: Microsoft.EntityFrameworkCore.Database.Command[20101]
      Executed DbCommand (14ms) [Parameters=[], CommandType='Text', CommandTimeout='30']
      SELECT "c"."name", "c"."id"
      FROM "categories" AS "c"

info: Microsoft.EntityFrameworkCore.Database.Command[20101]
      Executed DbCommand (14ms) [Parameters=[], CommandType='Text', CommandTimeout='30']
      SELECT "c"."name", "c"."id"
      FROM "categories" AS "c"

Making a GET request works fine when opening https://wsapi.tyrells.net/api/categories in browser.

Have I done something blatantly incorrect? I have no idea where I've gone wrong.

Thanks

✅ CORS issue when making GET request to server running asp application.

Similar Threads