27

If this were a dynamic response, I'd simply do Response.Headers.Add("Access-Control-Allow-Origin", "*"); but I have a static file I'd like to allow cross domain access to.

Is there a way to assign this header to a particular file just using web.config? Say it's just example.com/flat.json

I guess I could route the file to dynamic page, but that would be a bit silly.

Mario S
  • 11,715
  • 24
  • 39
  • 47
FlavorScape
  • 13,301
  • 12
  • 75
  • 117

1 Answers1

62

This should work

<location path="Sample.txt">
    <system.webServer>
      <httpProtocol>
        <customHeaders>
          <add name="Access-Control-Allow-Origin" value="*" />
        </customHeaders>
      </httpProtocol>
    </system.webServer>
  </location>
Tariqulazam
  • 4,535
  • 1
  • 34
  • 42
  • 2
    Ah yes, always forget about the location element. – FlavorScape Oct 25 '12 at 19:44
  • hi, after I added the location element i stopped being able to download it. If i make a request from my browser to this file, it says 404 the directory can not be found. – user123456 Apr 22 '15 at 14:38
  • What if I want certain web to call it? – Si8 Mar 30 '17 at 18:30
  • 2
    Hi @Si8, you can modify the value property of the Access-Control-Allow-Origin header to allow certain website to have access. For more details see http://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work – Tariqulazam Mar 30 '17 at 21:00
  • why location element is important here? Please help me to understand – Jeya Suriya Muthumari Sep 18 '20 at 11:46
  • 1
    Hi @JeyaSuriyaMuthumari - Because you want to allow cross-domain access only for the specific file mentioned in the location path attribute. If you don't use location element here, the cross domain access will be open for everything. – Tariqulazam Sep 21 '20 at 03:48