Allow CORS With ASP MVC

CORS stands for Cross-Origin Resource Sharing. For most scenarios, what it does is let you use Javascript to make HTTP requests to a different domain. It is a very important security feature but is a useful thing to enable if you have the need for it. This guide will show you how to enable it for a C# ASP.NET MVC API.

To start, you will need to install a NuGet package called Microsoft.AspNet.WebApi.Cors. The functionality is not included as part of the Web.Http assembly. You will get a reference error if you do not include this package.

cors with asp nuget package
Search for CORS in the nuget window and install the package highlighted. This will give you access to the references you need.

Navigate to App_Start/WebApiConfig.cs and modify the Register method to add config.EnableCors();. You can have plenty of other information in this method too. This is the default. All you need is the cors call to have it enabled.

public static void Register(HttpConfiguration config)
{
	config.EnableCors();

	config.Routes.MapHttpRoute(
		name: "DefaultApi",
		routeTemplate: "api/{controller}/{action}/{id}",
		defaults: new { id = RouteParameter.Optional }
	);
}

Once you have added cors to the register method of the project, you need to decorate the cors enabled controllers with an attribute. Make sure to only add this to the controllers you want to enable cors for. This isn’t something you want to have enabled for everything unless you really need to. The following code will enable cors for a specific API controller with ASP.NET.

[EnableCors(origins: "http://domainyouwanttosupport.com", headers: "*", methods: "*")]
public class CorsController : ApiController
{
	//controller actions go in here
}

The code above will allow cross origin requests to a specific domain. If you want to enable it for everything, which you should only do if the controller is safe inside an internal network or something, you can replace the origin string with a *. The snippet below will enable requests for any domain.

[EnableCors(origins: "*", headers: "*", methods: "*")]

The Namespace name ‘Cors’ does not exist error

If you are getting this compiler error when trying to get this to work you more than likely failed to install the nuget package that is required. If you see the error below, install the package highlighted in the image below.

The type or namespace name ‘Cors’ does not exist in the namespace ‘System.Web.Http’ (are you missing an assembly reference?)

Related Articles

Related Questions

Whirlpool Oven F6E6: Appliance Manager 1 Board Communication

I have a brand new Whirlpool oven W11I OM1 4MS2 H or (859991549450). I bought it alongside the microwave combi oven. I have had...

Whats the difference between the Tapo P100 and the P105?

There are a few different Tapo smart plugs. The P100 and P110 differ based on the smart power monitoring feature but where does the...

Time remaining keeps going up on Whirlpool dryer??

I have clothes in the dryer regularly and the time remaining shows on the display. There could be 10 mins remaining and if I...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Tools

Memory Converter

Converting values between various metric measurements is usually quite simple as there will be 1000 of the smaller unit in the next larger unit....

Bitrate Converter

Below you will find a bitrate converter. This tool will allow you to enter a bitrate value, in one of many different formats and...

Aesthetic Text Generator

There are various ways to make your social media profile seem more unique, some of which are not as easy to implement as others....

Aspect Ratio Calculator For Images

Aspect ratio is the ratio between the height and width of an image. If you want to resize an image by 100 pixels, you...

Add Text To Image

Use this free tool to add text to an image. Simply select the image file that you want to overlay text onto and you...

JavaScript Multi-line String Builder

Javascript did not always support multi-line strings. If you attempted to create a string variable using quotes, putting a line break into the source...

Latest Posts

Latest Questions