Unable to rewrite Access_Control_Allow_Origin

Question

Unable to rewrite Access_Control_Allow_Origin

I have one site that works like cdn for my other sites.

I added the following to web.config

<httpProtocol>
  <customHeaders>
    <add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />
    <add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS,PUT,DELETE" />
    <add name="Arr-Disable-Session-Affinity" value="True" />
  </customHeaders>
</httpProtocol>

<rewrite>
  <outboundRules>
    <clear />
    <rule name="AddCrossDomainHeader">
      <match serverVariable="RESPONSE_Access_Control_Allow_Origin" pattern=".*" />
      <conditions logicalGrouping="MatchAll" trackAllCaptures="true">
        <add input="{HTTP_ORIGIN}" pattern="(http(s)?://((.+\.)?[a-zA-Z0-9-]*\.ap\.dk|(.+\.)?localhost\:[0-9]*))" />
      </conditions>
      <action type="Rewrite" value="{C:0}" />
    </rule>
  </outboundRules>
</rewrite>

I was inspired by answer No. 2 here Access-control-allow-origin with multiple domains

But rewriting Access_Control_Allow_Origin only works on localhost. On a live site, this is not overwritten, and then I get an error message:

Failed to load https://aptestlogin.ap.dk//Widgets/Footer.html : the header 'Access-Control-Allow-Origin' has a value of ' https://aptestproject.ap.dk ', which is not equal to the specified start. Origin ' https://aptestcompany.ap.dk ', therefore access is not allowed

"Footer.html", , , .

+4

.net url-rewriting cors

Simon Sondrup Kristensen 01 . '17 10:02

5

Snr · Answer 1 · 2017-12-11T07:17:38+0000

Microsoft.AspNet.WebApi.Cors

App_Start/WebApiConfig.cs.

public static void Register(HttpConfiguration config)
        {

            config.EnableCors(); //add this


        }

Interreto · Answer 2 · 2017-12-09T22:58:14+0000

. , // - .

https?:\/\/((.+\.)?[a-zA-Z0-9-]*\.ap\.dk|(.+\.)?localhost(\:[0-9]*)?)

Nisal Waduge · Answer 3 · 2017-12-11T06:48:09+0000

https://enable-cors.org/server_aspnet.html

.

A STEFANI · Answer 4 · 2017-12-11T12:50:21+0000

<match serverVariable="RESPONSE_Access_Control_Allow_Origin" pattern=".*" />

<match serverVariable="RESPONSE_Access_Control_Allow_Origin" pattern="*" />

Karthik prasad · Answer 5 · 2017-12-11T14:05:30+0000

If you are using Visual Studio, install Microsoft.AspNet.WebApi.Cors from the package manager or the Nuget package manager, if you have one.

Open the App_Start / WebApiConfig.cs file. Add the following code to the WebApiConfig.Register method.

using System.Web.Http;
namespace WebService
{
  public static class WebApiConfig
 {
    public static void Register(HttpConfiguration config)
    {
        // New code
        config.EnableCors();

        config.Routes.MapHttpRoute(
            name: "DefaultApi",
            routeTemplate: "api/{controller}/{id}",
            defaults: new { id = RouteParameter.Optional }
        );
    }
  }
}

This allows Cors the whole application if you want to know more about this JOINT CROSS ORIGIN RESOURCES (CORS) here https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/enabling-cross-origin -requests-in-web-api or do a search on Youtube, you will get a lot of videos for it.

Unable to rewrite Access_Control_Allow_Origin

More articles: