Get full access to Hands-On Full-Stack Web Development with ASP.NET Core and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Start your free trial

Enabling Cross-Origin Resource Sharing

The Enabling Cross-Origin Resource Sharing (CORS) standard allows a web server to relax the same-origin policy that prevents a browser from sending API requests to domains other than that of the web application. Browsers enforce the same-origin policy to protect their users from many kinds of attacks that attempt to send data to other sites.

In ASP.NET Core, it's very easy to configure the domains that are allowed to use your API, and the type of HTTP methods they can use.

First, add the CORS middleware by adding these lines to the ConfigureServices method in your Startup class:

public void ConfigureServices(IServiceCollection services) {    service.AddCors()}

Than, configure the CORS policy in your ...

Get Hands-On Full-Stack Web Development with ASP.NET Core now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now