These two URLs have the same origin:
๐๐๐๐๐://๐๐-๐๐๐๐พ-๐๐-๐ฃ.๐ผ๐๐/๐ฆ๐พ๐/๐ง๐บ๐๐๐๐บ๐ฌ๐บ๐๐บ๐๐บ
๐๐๐๐๐://๐๐-๐๐๐๐พ-๐๐-๐ฃ.๐ผ๐๐/๐ฆ๐พ๐/๐ ๐
๐
๐จ๐๐ถ๐พ๐
๐
These URLs have different origins
๐๐๐๐๐://๐๐-๐๐๐๐พ-๐๐-๐ฃ.๐ผ๐๐/๐ฆ๐พ๐/๐ง๐บ๐๐๐๐บ๐ฌ๐บ๐๐บ๐๐บ
๐๐๐๐://๐๐-๐๐๐๐พ-๐๐-๐ฃ.๐๐พ๐/๐ฆ๐พ๐/๐ ๐
๐
๐จ๐๐ถ๐พ๐
๐
To facilitate requests from different origins you need to enable CORS in .NET.
In .NET 6 by using the combination of these methods you can enable CORS as per your requirement.
๐๐ฅ๐ฅ๐จ๐ฐ๐๐ง๐ฒ๐๐ซ๐ข๐ ๐ข๐ง: This policy allows requests from any origin.
๐๐ข๐ญ๐ก๐๐ซ๐ข๐ ๐ข๐ง๐ฌ: This policy allows requests from specific origins. You can specify one or more origins as arguments to this method.
๐๐ฅ๐ฅ๐จ๐ฐ๐๐ง๐ฒ๐๐๐๐๐๐ซ: This policy allows requests with any header.
๐๐ข๐ญ๐ก๐๐๐๐๐๐ซ๐ฌ: This policy allows requests with specific headers. You can specify one or more headers as arguments to this method.
๐๐ฅ๐ฅ๐จ๐ฐ๐๐ง๐ฒ๐๐๐ญ๐ก๐จ๐: This policy allows requests with any HTTP method (e.g., GET, POST, PUT, DELETE).
๐๐ข๐ญ๐ก๐๐๐ญ๐ก๐จ๐๐ฌ: This policy allows requests with specific HTTP methods. You can specify one or more methods as arguments to this method.
Few Things to Keep in mind
โ๏ธCORS is not a security feature. CORS is a W3C standard that allows a server to relax the same-origin policy.
โ๏ธAn API isn't safer by allowing CORS.
โ๏ธIt's a way for a server to allow browsers to execute a cross-origin request that otherwise would be forbidden.
โ๏ธBrowsers without CORS can't do cross-origin requests.
Top comments (0)