Cross-Origin Requests (CORS) in ASP.NET Core Web API
This blog is going to explain what a Cross Origin Request (CORS) is and how to implement it in ASP.NET Core web API. When a web page tries to access resources from a different webpage it is blocked by the browser security feature. This feature is called the Same Origin Policy (SOP). In many cases the developer has to access resources of different origins. In such cases CORS helps to relax the Same Origin Policy. There are 3 ways to enable CORS in ASP.NET core. Middleware (name policy or default policy) Endpoint routing [EnableCORS] attribute Let’s see that with the example. Imagine you have an API which returns some JSON values. It’s URL is https://localhost:44351/api/Home. When trying to access another domain URL(https: // localhost: 44389 /) from the client page, it will give you the following error message. Access to XMLHttpRequest at 'https://localhost:44351/api/Home' from origin 'https://localhost:44389' has be