Trouble with CORS Policy and .NET Core 3.1

Question

I\'m not sure what I\'m missing, but can\'t seem to get my CORS Policy working with .NET Core 3.1 and Angular 8 client-side.

Startup.cs:

Answer 1

Try this util

https://www.nuget.org/packages/Microsoft.AspNetCore.Cors/ Using this you can enable/disable the cors in your .net core application

Answer 2

Web API is using app.UseHttpsRedirection(); which cause CORS issue if requesting client is not https based. So in order to use it with http client we need to comment or remove that line.

This issue is not with CORS, the https is causing this issue but thrown error is saying its with CORS.

Answer 3

The call to UseCors must be placed after UseRouting, but before UseAuthorization. For more information, see https://docs.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.1

Answer 4

As you are using localhost as http://localhost:4200, then try to set it in your configuration:

public void ConfigureServices(IServiceCollection services)
{
    services.AddCors(options => options.AddPolicy("ApiCorsPolicy", build =>
    {                
        build.WithOrigins("http://localhost:4200")
             .AllowAnyMethod()
             .AllowAnyHeader();
        }));
        // ... other code is omitted for the brevity
     }
}

And Configure method:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, IServiceProvider provider)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    app.UseCors("ApiCorsPolicy");
    app.UseHttpsRedirection();
    app.UseAuthentication();
    app.UseMvc();
}