CORS for Aspnetcore

Source: Internet
Author: User


Used to look at others blog, but even comments are too lazy to give one, so the heart has guilt, began to write something. I am not a coder born, just see more, understand some, understand some ideas, do not coding, also will see the change of words recorded down. Having recently learned about the pipeline of ASP. NET core, I have known cors and this article is to translate the Microsoft Knowledge Document about Cors in your own words.




CORS (cross Origin Resource sharing) is a way to share across domains, due to the limitations of browser "Same-origin" (homologous policy), which is produced in practical application, the same as the world standard

As for what is Same-origin:

    1. Protocols, such as HTTP, HTTPS, file, etc.
    2. domains, such as
    3. Same port

How to use Cors

use method One : Global application

. NET core cors module in Microsoft.AspNetCore.Cors's NuGet package

Configuring Cors in Services and middleware in ASP.

To add a reference:

Using Microsoft.AspNetCore.Cors


public void Configurationservices (iservicecollection services) {    services. Addcors ()}public void Configure (Iapplicationbuilder app,ihostingenviroment env,iloggerfactory loggerfactory) {app. Usecors (builder=> Builder. Withorigins ("http://localhost:5000");}


    1. Addcors () takes precedence over any other service
    2. Builder. Withorigins (URL) parameter cannot end with '/'
    3. Builder has some chain method, which is used for filtering requests and can be consulted on its own

use method two : Name using

Define one or more cors policies to use in attribute based on the name of the policy on the Controller, class, function, etc.


public void Configureservices (iservicecollection services) {    services. Addcors (options =        options. Addpolicy ("Allowaorigin",            builder = Builder. Withorigins (""));        Options. Addpolicy ("Allowborigin",            builder = Builder. Withorigins (""))}); } public void Configure (Iapplicationbuilder app, Ihostingenvironment env, Iloggerfactory loggerfactory) {app. Usecors ("Allowaorigin");} If you are an MVC APP, you only need the add service and you don't need to configure middleware

Using Cors in attribute

[HttpGet] [Enablecors ("Allowspecificorigin")]public ienumerable<string> Get () {    return new string[] {"Value1", " Value2 "};}

Restrict all controllers

public void Configureservices (iservicecollection services) {    services. Addmvc ();    Services. configure<mvcoptions> (options =        options. Filters.add (New Corsauthorizationfilterfactory ("Allowaorigin"));    });

Here the basic usage of cors is almost, the details of the site can be seen on the official website documents, English is good to read English documents. I'm not sure how this thing works in real projects, but I use it on the front and back of the separation.

CORS for Aspnetcore

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.