How come CORS does not work for me in ASP.NET Core?

Question

How come CORS does not work for me in ASP.NET Core?

asked Dec 31, 2021 by Wade (2.5k points)
retagged Dec 31, 2021 by Wade

I think I've implemented CORS correctly. I added the .NET CORS package, and my ConfigureServices has this :

public void ConfigureServices(IServiceCollection services)
{
    services.AddCors(); // Make sure you call this previous to AddMvc
    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}

And my Configure method has this :

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    app.UseMvc();
	
    app.UseCors(
        options => options.WithAnyOrigin().AllowAnyMethod()
    );
}

But I can see in Chrome that it is not allowing any origin or sending CORS headers in return

1 Answer

Wade · Answer 1 · 2021-12-31T02:25:12+0000

Your issue is that the Configure method runs in order, and specifically, some methods in your Configure method will actually short circuit and return a result.

In your case, the call to UseMVC() will return before the call to UseCors(). So you just need to reverse the order like so :

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    app.UseCors(
        options => options.WithAnyOrigin().AllowAnyMethod()
    );

    app.UseMvc();
}

How come CORS does not work for me in ASP.NET Core?

Your comment on this question:

Your answer

1 Answer

Your comment on this answer: