Chapter 9. Enabling Cross-Origin Resource Sharing (CORS) in ASP.NET Web API

This chapter will help you in learning how to enable CORS in your Web API application.

In this chapter, we will cover the following topics:

What is CORS?
How CORS works
Setting the allowed origins
Setting the allowed HTTP methods
Setting the allowed request headers
Setting the allowed response headers
Passing credentials in cross-origin requests
Enabling CORS at various scopes

What is CORS?

According to the same-origin policy, browser security avoids any AJAX requests from one domain to your Web API on another domain in order to prevent a malicious site from reading sensitive data or posting it to another site. But, in some cases, you may need to enable other domains to call your ...

Get ASP.NET Web API Security Essentials now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

ASP.NET Web API Security Essentials by Rajesh Gunasundaram

Chapter 9. Enabling Cross-Origin Resource Sharing (CORS) in ASP.NET Web API

What is CORS?

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly