I have created a Thrift server on .NET core and a node client in an Angular application. I used THttpServerTransport protocol in the server. This works fine when both client and server are on same machine but when client is on different machine, browser throws CORS error.
To resolve this, I tried .NET Core's builder.AllowAllOrigin().AllowAllMethod() and WithOrigins("*") but that does not add the "Access-Control-Allow-Origin" header in the response.
public void ConfigureServices(IServiceCollection services)
{
// NOTE: this is not really the recommended way to do it
// because the HTTP server cannot be configured properly to e.g. accept framed or multiplex
services.AddCors(options =>
{
options.AddPolicy("MyAllowSpecificOrigins",
builder => builder.WithOrigins("*"));
});
services.AddScoped<MyAPI.IAsync, MyControlBroker>();
services.AddScoped<ITAsyncProcessor, MyHostAPI.AsyncProcessor>();
services.AddScoped<THttpServerTransport, THttpServerTransport>();
services.AddScoped<TConfiguration, TConfiguration>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, Microsoft.AspNetCore.Hosting.IHostingEnvironment env, ILoggerFactory loggerFactory)
{
_ = env;
_ = loggerFactory;
app.UseMiddleware<THttpServerTransport>();
app.UseHttpsRedirection();
app.UseCors("MyAllowSpecificOrigins");
}
Thrift just adds the Content-Type header. How can I add the access-control header in the response?
I checked Thrift's code but did not see the provision of adding the header.
