-1

I Have dotnet core 5 application and Angular app that in local host All Http methods working well but on the web host HttpGet, HttpPost Methods working correctly and HttpPut, DELETE thrown Exception:

Access to XMLHttpRequest at '---' from origin '---' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

that config Cors like bellow:

public static IServiceCollection AddAdminApiCors(this IServiceCollection services)
    {
        services.AddCors(options =>
        {
            options.AddPolicy("CorsPolicy",
                builder =>
                {
                    builder.AllowAnyOrigin();
                    builder.AllowAnyHeader();
                    builder.AllowAnyMethod();
                });
        });

        return services;
    }

in Startup.cs

public void ConfigureServices(IServiceCollection services)
    {
        services.AddAdminApiCors();

        services.AddMvc();
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
app.UseRouting();

        app.UseCors("CorsPolicy");

        app.UseAuthentication();


        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllers();
        });
    }

[Authorize]
[EnableCors("CorsPolicy")]
public class CompanyController : ControllerBase
{
    [HttpGet]
    public async Task<ActionResult<IEnumerable<CompanyViewModel>>> Get([FromQuery] CompanyQuery companyQuery)
    {
        return Ok(await _mediator.Send(companyQuery));
    }

    [HttpPost]
    public async Task<ActionResult<int>> Create([FromBody] CreateCompanyCommand command)
    {
        var productId = await _mediator.Send(command);

        return Ok(productId);
    }

    [HttpPut]
    [ProducesResponseType(StatusCodes.Status204NoContent)]
    [ProducesDefaultResponseType]
    public async Task<IActionResult> Update([FromBody] UpdateCompanyCommand command)
    {
        await _mediator.Send(command);

        return NoContent();
    }

    [HttpDelete("{id}")]
    [ProducesResponseType(StatusCodes.Status204NoContent)]
    [ProducesDefaultResponseType]
    public async Task<IActionResult> Delete(int id)
    {
        await _mediator.Send(new DeleteCompanyCommand { Id = id });

        return NoContent();
    }
}

in many posts told change web.config file and remove WebDAV IIS Module that i follow them but my problam not solved cors put error

Mohsen Saleh
  • 139
  • 1
  • 10
  • Could you please have a try with add the [EnableCors] on each action instead of add it on controller. – Hury Shen Jul 22 '21 at 08:30
  • And since the "Get" and "Post" method work fine, so please check if the `ProducesResponseType` and `ProducesDefaultResponseType` annotations could affect the two methods("put" and "delete" method). – Hury Shen Jul 26 '21 at 09:03

3 Answers3

1

This works for my project :

    services.AddCors(options =>
    {
        options.AddPolicy("CorsPolicy",
            builder =>
            builder.SetIsOriginAllowed(_ => true)
            .AllowAnyMethod()
            .AllowAnyHeader()
            .AllowCredentials());
    });
B. Lec
  • 312
  • 2
  • 13
0

potentially there are an exception happened in your code and the server send you this misleading response you can detect the exception by go to the hosted application and go the web.config file and enable log by set it true and initiate another request and go the log file already generated and debug the issue.

Mustafa Wali
  • 146
  • 7
0

after 5 days I find my problem reason, it need to remove Web in Web.config file

<system.webServer>
  <modules> 
      <remove name="WebDAVModule"/> 
  </modules>  
</system.webServer>

and some changes applied in hosted server by hosting provider company supporter

Mohsen Saleh
  • 139
  • 1
  • 10