1

installed my PC and installed all the service packs and patches.

But i just can not get my Angular Website to communicate with the WebApi. I keep getting the following message when i try to verify the UserName and password.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://myLocaldeployedSite:89/api/Account/GetUserByPost/. This can be fixed by moving the resource to the same domain or enabling CORS.

http://myLocaldeployedSite:89/ is my WebApi that is deployed into IIS.

I have the following code changes in my code (as per the brockallen blog http://brockallen.com/2012/10/18/cors-iis-and-webdav/):

WebApi (web.config): 

<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
  <remove name="WebDAVModule" />
</modules>
<handlers>
  <remove name="WebDAV" />
  <remove name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" />
  <remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
  <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
  <add name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
  <add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
  <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>

the headers for the call that i am making looks like this...

    Host: localhost:89

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Origin: `http://localhost:2825`

Access-Control-Request-Method: POST

Access-Control-Request-Headers: content-type

Connection: keep-alive

Pragma: no-cache

Cache-Control: no-cache

the response in fiddler is a 200 - OK but in Firebug it displays the message mentioned above.

Here is also the image of the message : enter image description here

And here is the response i found in Fire Bug : enter image description here

But still i don't get the website to connect to my WebApi.

Please can someone assist. Have already referenced quite a few of the links in StackOverflow but have not succeeded yet so I hope that someone can assist.

Thank you.

Gremlin1708
  • 91
  • 1
  • 1
  • 13

2 Answers2

1

Ok I managed to resolve it. Because i copied the folder over every time before I formatted my PC I kept on having the same Web.Config settings in my files.

Thanks to this link on Stack Overflow and Batterang (Chrome) I managed to solve this issue. I removed the following line from my web.config and everything was resolved.

<!--<add name="Access-Control-Allow-Origin" value="*" />-->

Thanks for all the help and suggestions.

Community
  • 1
  • 1
Gremlin1708
  • 91
  • 1
  • 1
  • 13
0

Try this in your WebAPI:

public static class WebApiConfig
{
  public static void Register(HttpConfiguration config)
  {

    // do stuff

    var cors = new EnableCorsAttribute("*", "*", "*") {SupportsCredentials = true};
    config.EnableCors(cors);
  }
}
Dunken
  • 8,481
  • 7
  • 54
  • 87
  • I have this line of code already in my Config. Still doesn't want to work – Gremlin1708 May 12 '14 at 20:45
  • Ok I am back and i am sorry to say that this also did not work. – Gremlin1708 May 13 '14 at 16:24
  • I also had to add credentials on the client-side `xhrFields: { withCredentials: true }`... – Dunken May 14 '14 at 12:23
  • I am starting to think its something specific to my Windows 7 x64 and IIS on this computer. I installed the same application and WebApi on my Laptop and everything works on there... I will uninstall .Net 4.0, IIS and then re-install them again and hope that its maybe something in the installation that went wonky the first time round. – Gremlin1708 May 14 '14 at 17:42
  • I have gone as far as to re-install my computer AGAIN (2nd time) and still i am unable to get this to work. I have now also downloaded Chrome and Batterang. This is the response headers that i get from there. I hope this provides maybe more detail to someone that can help me. I am desperate. – Gremlin1708 May 20 '14 at 17:35
  • Request Headers :(Sorry for the bad Format) OPTIONS http://localhost:14918/api/Account/GetUserByPost/ HTTP/1.1 Host: localhost:14918 Proxy-Connection: keep-alive Access-Control-Request-Method: POST Origin: http://10.0.0.103:88 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36 Access-Control-Request-Headers: accept, content-type Accept: */* Referer: http://10.0.0.103:88/ Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 – Gremlin1708 May 20 '14 at 17:38
  • Response Headers :(Sorry for the bad Format) HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Expires: -1 Server: Microsoft-IIS/8.0 Access-Control-Allow-Origin: * Access-Control-Allow-Headers: content-type X-AspNet-Version: 4.0.30319 X-SourceFiles: =?UTF-8?B?RTpcR2l0XFRyYWluaW5nXFRyYWluaW5nV2ViQXBpXGFwaVxBY2NvdW50XEdldFVzZXJCeVBvc3Rc?= X-Powered-By: ASP.NET Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Authorization,Origin, X-Requested-With, Content-Type, Accept Date: Tue, 20 May 2014 17:31:45 GMT Content-Length: 0 – Gremlin1708 May 20 '14 at 17:38