Disable CORS in ASP.NET MVC framework

Question

I developped an ASP.NET MVC web site. In this site I have some url, for example, site.com/url/ where I can send post request to and get some response.

How can I disable getting results from this url for requests from different domains and allow getting results only for requests from domain site.com?

I read about CORS but I don't know whether it can be used in my case.

score 0 · Answer 1 · answered Oct 05 '22 at 19:52

0

    builder.Services.AddCors(options =>
    {
        options.AddPolicy(name: MyAllowSpecificOrigins,
                          policy  =>
                          {
                              policy.WithOrigins("http://example.com",
                                                  "http://www.contoso.com");
                          });
    });

...
app.UseRouting();

app.UseCors(MyAllowSpecificOrigins);

app.UseAuthorization();

link to article

answered Oct 05 '22 at 19:52

Mihal By

162
2
12

This code for .net core, but I use .net framework. How can I do the same in .net framework? – Anton Makarov Oct 06 '22 at 04:14
@AntonMakarov in ASP.NET try to use EnableCors attibute https://learn.microsoft.com/en-us/aspnet/web-api/overview/security/enabling-cross-origin-requests-in-web-api or setup cors in you hosting(IIS, ngings ...) – Mihal By Oct 06 '22 at 05:25
Thanks. This link describes web api in .net framework, but I use .net framework mvc. Will it work in my case? – Anton Makarov Oct 06 '22 at 06:11
Try) I think Microsoft.AspNet.WebApi.Cors must work in ,net frameworks. – Mihal By Oct 06 '22 at 08:25
Clear code without any modules and packages - use custom action filter https://stackoverflow.com/questions/6290053/setting-access-control-allow-origin-in-asp-net-mvc-simplest-possible-method – Mihal By Oct 06 '22 at 08:34

Disable CORS in ASP.NET MVC framework

1 Answers1