Skip to main content

Configuring CORS in IIS - Response to preflight request doesn't pass access control check: It does not have HTTP ok status

The Access-Control-Allow-Origin Header Explained – With a CORS Example Often times when calling an API, you may see an error in your console that looks like this: 
 
Access to fetch at 'http://somesite.com' from origin 'http://yoursite.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value that is not equal to the supplied origin


Add following in 
 
<system.webServer> 
 <httpProtocol> 
 <customHeaders> 
  <add name="Access-Control-Allow-Methods" value="*" /> 
  <add name="Access-Control-Allow-Origin" value="*" /> 
  <add name="Access-Control-Allow-Headers" value="*" /> 
 </customHeaders> 
 </system.webServer>
After adding the above code in web.config, received the following error in response. 
 
 .... Has been blocked by CORS policy: Response to preflight request
  doesn’t pass access control check: it does not have http ok status

  You may still need to remove the default IIS OPTIONSVerbHandler, then add the OPTIONS verb to appropriate handler(s) to allow the requests to get to your api. then removing/commenting the following "OPTIONSVerbHandler" handler line //This line was not documented on Microsoft website > 
 
  <!--<remove name="OPTIONSVerbHandler" />-->
or changing it with the following:   
 
   <add name="OPTIONSVerbHandler" path="*" verb="OPTIONS"
  modules="ProtocolSupportModule" requireAccess="None"
  responseBufferLimit="4194304" />

// For me it worked without adding the following code in Web API. but for the safe side ...   Then in the Global.asax file, add the following method: 
 
 protected void Application_BeginRequest(object sender, EventArgs e) 
 { 
  if (HttpContext.Current.Request.HttpMethod == "OPTIONS") 
  { 
    HttpContext.Current.Response.Flush(); 
  } 
 }

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

Call User-defined Function on Linked Server :SQL Server

If you try to invoke a user-defined function (UDF) through a linked server in SQL Server by using a "four-part naming" convention (server.database.dbo.Function), you may receive error message.  The reason is User-defined function calls inside a four-part linked server query are not supported in SQL Server. Thats why error message indicates that the syntax of a Transact-SQL statement is incorrect.  To work around this problem, use the Openquery function instead of the four-part naming convention. For example, instead of the following query Select * from Linked_Server.database.dbo.Function(10) run a query with the Openquery function: Select * from Openquery(Linked_Server,'select database.dbo.Function(10)') If the user-defined function takes variable or scalar parameters, you can use the sp_executesql stored procedure to avoid this behavior.  For example: exec Linked_Server.database.dbo.sp_executesql N'SELECT database.dbo.Function(@input)',N'@input...
10 comments
Read more

Pass multiple complex objects to Web API action

Working with ASP.NET Web API, the most unexpected thing is the limited support of POST data values to simple ApiController methods. When a parameter has [FromBody], Web API uses the Content-Type header to select a formatter. At most one parameter is allowed to read from the message body. The reason for this rule is that the request body might be stored in a non-buffered stream that can only be read once. A simple principle, you can send any content in HTTP request, it only need to be serializable into a string. So, it could be multiple JSON object. In this example, the content type is "application/json" and the request body is a raw JSON string (not a JSON object). Here I found a workaround to pass multiple complex objects (using the above principle) from jquery to a WEB API using JObject , and then cast back to your required specific object type in api controller. This objects provides a concrete type specifically designed for working with JSON. var customer = { ...
Post a Comment
Read more

Microsoft SQL Server 2005 Service Pack 3 for Windows 7 (64 bit)

You can download from here Microsoft SQL Server 2005 Service Pack 3 Overview Service Pack 3 for Microsoft SQL Server 2005 is now available. SQL Server 2005 service packs are cumulative, and this service pack upgrades all service levels of SQL Server 2005 to SP3. You can use these packages to upgrade any of the following SQL Server 2005 editions: Enterprise Enterprise Evaluation Developer Standard Workgroup Download Size: 326.0 MB http://www.microsoft.com/downloads/details.aspx?FamilyID=ae7387c3-348c-4faa-8ae5-949fdfbe59c4&displaylang=en Microsoft SQL Server Management Studio Express Service Pack 3 Overview Microsoft SQL Server Management Studio Express (SSMSE) is a free, easy-to-use graphical management tool for managing SQL Server 2005 Express Edition and SQL Server 2005 Express Edition with Advanced Services. SSMSE can also manage instances of the SQL Server Database Engine created by any edition of SQL Server 2005. Note: SSMSE cannot manage SQL Server Analysis ...
2 comments
Read more