0

My website is running fine. Basically I am having some html pages that calls a webapi to get the results and bind the chart. The api only sends the json data and rest is done on html page in script tag.

Now I have to integrate some of my website pages into another website so I have created the html pages but when I run them I am getting Error - 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

The mvc code:

[HttpGet, Route("DevD"), OutputCache(Duration = 5, VaryByHeader = "Origin")]
public ActionResult GetDevD(double value1)
{
    return Json(_devD, JsonRequestBehavior.AllowGet);
}

private static object _devD;
private static object GetDevD()
{
    dynamic trend = Trend;
    return new
    {
        trend?.day,
        volume = new abc(GetLastTick("JZ"))       
    };
}

In global.ascx

protected void Application_BeginRequest()
{
    var origin = Request.Headers["Origin"];
    if (!string.IsNullOrWhiteSpace(origin) && (origin.EndsWith("abc.com") || origin.EndsWith("www.watrade.net")))
    {
        Response.Headers.Add("Access-Control-Allow-Origin", origin);
        Response.Headers.Add("Access-Control-Allow-Headers", "accept, content-type");
    }
    if (Request.HttpMethod != "OPTIONS") return;
    Response.End();
}

I don't want to use any plugin. What changes should I made in this code so that it runs in my website also and can be integrated in another website also.

Presto
  • 888
  • 12
  • 30
user1254053
  • 755
  • 3
  • 19
  • 55
  • 1
    Which url are you making the request from? Do they always set the "Origin" header? – Tudor Jul 06 '18 at 10:05
  • i am running those html pages from my computer. Some of them runs perfectly and some are getting this error – user1254053 Jul 06 '18 at 10:06
  • Some of them which are running perfectly have code like this : [HttpGet, Route("Volume"), OutputCache(Duration = 15)] public ActionResult GetVolume(int minSize, int bCents) {..} – user1254053 Jul 06 '18 at 10:07
  • Did you debug into the `Application_BeginRequest` to see what is the value of the Origin header? – Tudor Jul 06 '18 at 10:10
  • No..I am running them as individual pages because the chart's datasource calls this web api code to get the data – user1254053 Jul 06 '18 at 10:11
  • The site runs fine in debug mode. It's just that I have to send some of my pages to another developer to integrate them in their website and these individual html pages throws error – user1254053 Jul 06 '18 at 10:13
  • 1
    See https://stackoverflow.com/a/8456586/5947043 - are you loading these pages via `file:///`? – ADyson Jul 06 '18 at 10:20
  • Thanks a lot ADyson - i put the pages on server and run them from there and i don't see any error – user1254053 Jul 06 '18 at 10:29
  • No problem. You shouldn't ever really run pages via `file:///` unless you're just casually looking at static HTML documents. Don't use it for actually testing anything. It doesn't in any way simulate a real webserver environment. Always use a proper server i.e. `http://localhost` for local testing. – ADyson Jul 06 '18 at 12:44

0 Answers0