asp.net web api2 - OWIN and CORS - One CORS Header to rule them all? -
there seems lots of different answers on define cors headers when using owin. have seen these ...
1) add grantresourceownercredentials
method
context.owincontext.response.headers.add("access-control-allow-origin", new[] { allowedorigin });
2) in configuration(iappbuilder app)
method of startup.cs
app.usecors(microsoft.owin.cors.corsoptions.allowall);
3) add web.config
<system.webserver> <httpprotocol> <customheaders> <add name="access-control-allow-origin" value="*" /> <add name="access-control-allow-headers" value="content-type" /> <add name="access-control-allow-methods" value="get, post, put, delete, options" /> </customheaders> </httpprotocol> </system.webserver>
when try multiple options error saying duplicate cors headers , therefore none of them allowed.
is there single place can define cors policy respected browser?
Comments
Post a Comment