Access to web API from a different domain using $http AngularJS request was blocked due to a denied cross-domain localhost

Question

Access to web API from a different domain using $http AngularJS request was blocked due to a denied cross-domain localhost

Using AngularJS hosted on an ASP.NET server. Making a call to a web API. When making a POST request to the web API without parameters, it works. However, when passing parameters to the POST request, it returns the following error: Error: XMLHttpRequest cannot load http://localhost:60117/api/Parts. The response to the preflight request does not pass the access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin http://localhost:64658 is not allowed access.

Note: CORS has already been enabled through NuGet. [EnableCors("*", "*", "*")] is included in the webapiconfig.cs file.

var cors = new System.Web.Http.Cors.EnableCorsAttribute("*", "*", "*");
        config.EnableCors(cors);

The following is my request header:

OPTIONS /api/Parts HTTP/1.1
Host: localhost:60117
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://localhost:64658
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36    (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Access-Control-Request-Headers: content-type
Accept: */*
Referer: http://localhost:64658/app/views/Index.html
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8

When adding the following code to the web.config file, it results in a multiple accept verb error:

<httpProtocol>
    <customHeaders>
        <clear/>
        <add name="Access-Control-Expose-Headers " value="WWW-Authenticate"/>
        <add name="Access-Control-Allow-Origin" value="*"/>
        <add name="Access-Control-Allow-Methods" value="GET, POST, OPTIONS, PUT, PATCH, DELETE"/>
        <add name="Access-Control-Allow-Headers" value="accept, authorization, Content-Type"/>
        <remove name="X-Powered-By"/>
    </customHeaders>
</httpProtocol>

Updated:

Now receiving the following message in response to the request:

The requested resource does not support the HTTP method 'POST'.

AJAX call:

$http({
        method: "POST",                       
        url: config.APIURL + 'Parts',
        data: {'final':'final'}                       
});

Any assistance with this issue would be greatly appreciated. I am currently stuck and unable to progress.

javascript angularjs ajax asp.net-web-api asp.net-web-api2

Answer 1

Answer №1

When there is a difference in port, it is considered a cross domain request, leading some browsers to send preflight OPTIONS requests.

It is important to configure your server to accept these requests and respond with a 200 OK status code. You can find more information on how to do this at the following URL:

http://enable-cors.org/server_aspnet.html

Answer 2

When there is a difference in port, it is considered a cross domain request, leading some browsers to send preflight OPTIONS requests.

It is important to configure your server to accept these requests and respond with a 200 OK status code. You can find more information on how to do this at the following URL:

http://enable-cors.org/server_aspnet.html

Answer 3

Answer №2

If you're facing challenges with your current methods, consider giving this approach a try. Within your Globax.asax file in your WebApi, include the following method:

protected void Application_BeginRequest()
        {
            if (Context.Request.HttpMethod == "OPTIONS")
            {
                Context.Response.AddHeader("Access-Control-Allow-Origin", Context.Request.Headers["Origin"]);
                Context.Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
                Context.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");                    
                Context.Response.End();
            }
    }

Additionally, within your WebApi Config, incorporate the following method call to activate CORS:

  config.EnableCors();

Finally, in your controller(s), apply an attribute similar to the following:

[EnableCors(origins: "*", headers: "*", methods: "*")]

We hope this guidance proves helpful. For more detailed information, feel free to visit this webpage https://msdn.microsoft.com/en-us/magazine/dn532203.aspx. Thank you for considering these suggestions.

Answer 4

If you're facing challenges with your current methods, consider giving this approach a try. Within your Globax.asax file in your WebApi, include the following method:

protected void Application_BeginRequest()
        {
            if (Context.Request.HttpMethod == "OPTIONS")
            {
                Context.Response.AddHeader("Access-Control-Allow-Origin", Context.Request.Headers["Origin"]);
                Context.Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
                Context.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");                    
                Context.Response.End();
            }
    }

Additionally, within your WebApi Config, incorporate the following method call to activate CORS:

  config.EnableCors();

Finally, in your controller(s), apply an attribute similar to the following:

[EnableCors(origins: "*", headers: "*", methods: "*")]

We hope this guidance proves helpful. For more detailed information, feel free to visit this webpage https://msdn.microsoft.com/en-us/magazine/dn532203.aspx. Thank you for considering these suggestions.

Answer 5

Answer №3

Make sure to include the CorsMessageHandler class in the server to enable HTTP request handling.

Answer 6

Make sure to include the CorsMessageHandler class in the server to enable HTTP request handling.

Access to web API from a different domain using $http AngularJS request was blocked due to a denied cross-domain localhost

Answer №1

Answer №2

Answer №3

Similar questions

JavaScript failing to render AJAX request

Is there a way to manage Firefox using R to manipulate AJAX/Javascript functions?

What is the best way to refresh a Windows 7 command prompt screen before executing a new function in Node.js?

Are iFrames being utilized for third-party applications?

Tips for animating a div twice within the success function

Using an AJAX request to communicate between the controller and view in Codeigniter

Adding Material-UI icons dynamically in a React TypeScript project requires understanding the integration of imported icons

"Encountering a problem with posting API requests using Express

The back to top feature is malfunctioning when navigating to a new page

Is it possible to verify with Jest that ReactDOM.render has been called if it's enclosed in a conditional statement?

Enhance the user experience by implementing a smooth transition effect when loading new pages

Symfony2 does not receive any feedback from the Ajax request

The Javascript Date constructor struggles to interpret date strings in certain timezones that are not enclosed in brackets

While utilizing Ajax with Spring, it is possible to send a JavaScript object and receive it as a custom object. However, there was an issue with

Pass the identical event to multiple functions in Angular 2

Unlocking the Secrets: Expert Methods to Obtain Assets through HttpClient in Angular

The animation for the CSS gradient background is failing to animate

What is the best approach for running a database query using the value selected from a form dropdown?

The setting `ensureCleanSession: true` doesn't appear to be effective when included in the capabilities for Internet Explorer 11

In IE8, submitting an Ajax request almost always results in an error being