asp.net web api2 - OWIN and CORS - One CORS Header to rule them all? -


there seems lots of different answers on define cors headers when using owin. have seen these ...

1) add grantresourceownercredentials method

context.owincontext.response.headers.add("access-control-allow-origin", new[] { allowedorigin }); 

2) in configuration(iappbuilder app) method of startup.cs

app.usecors(microsoft.owin.cors.corsoptions.allowall); 

3) add web.config

 <system.webserver>    <httpprotocol>      <customheaders>         <add name="access-control-allow-origin" value="*" />         <add name="access-control-allow-headers" value="content-type" />         <add name="access-control-allow-methods" value="get, post, put, delete, options" />      </customheaders>    </httpprotocol>  </system.webserver> 

when try multiple options error saying duplicate cors headers , therefore none of them allowed.

is there single place can define cors policy respected browser?


Comments

Popular posts from this blog

java - nested exception is org.hibernate.exception.SQLGrammarException: could not extract ResultSet Hibernate+SpringMVC -

sql - Postgresql tables exists, but getting "relation does not exist" when querying -

asp.net mvc - breakpoint on javascript in CSHTML? -