0

We have web application (jQuery Ajax requests) running within our organisation that sits on an public facing web server (IIS). This public facing application communicates with an ASP.NET .Net Core Web Api to retrieve data from the database. The .Net Core Web Api is sat behind a firewall on a web server only accessible within our organisation.

When the public facing application fires off GET requests they are received from the public facing server, which allows the data to be returned without issue.

However when calling a POST request this originates from the calling IP address of the browser. The POST is preceded by an OPTIONS request which I guess is the pre-flight check. This request fails as the IP address of the browser does not have direct access to the internal facing web server.

Why would the POST request originate from the browser when the GET requests originate from the server that the application resides on?

Thank you in advance.

Andy B
  • 111
  • 1
  • 12

1 Answers1

0

This sounds like a CORS issue.

Does the GET request originate from a user's browser (while on your web application) or from the server side web application itself?

Additionally, what is your content type on your POST vs. the GET?

Cross call working with Post but failing with pre-flight

Code.Combustion
  • 36
  • 6
  • When the request fails I cannot see an entry in the log files on the IIS web server. However on successful calls the GET originates from the server side application itself where the POST / OPTION originates from the browser. – Andy B May 09 '19 at 15:27
  • The content type is the same on both - application/json – Andy B May 09 '19 at 15:34