CORS stands for cross-origin resource sharing, and it is an HTTP header-based mechanism that allows the server to tell the browser whether to accept a request from a domain, port, or scheme other than its own. It is based on a process in which the browser sends a “preflight” request to the server, and the server responds with response headers indicating whether the request can proceed or not. The browser will either succeed or fail the request based on what these headers say. The browser sends headers that indicate the HTTP method and headers that will be used in the actual request in the preflight request.
To enable CORS in your Blazor Server application, follow these steps:
Create a new Blazor Server application with latest .Net support.
After creating the application, open the Program.cs file. In this file, you will find the code where the AddCors method is called on the builder.Services object to register the CORS service. Within the AddCors method, a named CORS policy called “NewPolicy” is defined using the options.AddPolicy method. If necessary, you can further configure the CORS policy by providing additional options through the builder parameter in the AddPolicy method.
[Program.cs]...builder.Services.AddCors(options => {
options.AddPolicy("NewPolicy", builder => builder.AllowAnyOrigin() .AllowAnyMethod() .AllowAnyHeader());});...
app.UseRouting();
app.UseCors("NewPolicy");
app.UseAuthorization();- AllowAnyOrigin—Allows access from any origin.
- AllowAnyMethod—Access to allow any method.
- AllowAnyHeader—Access to allow any header in a request.
Note: Call the UseCors method between the UseRouting and UseAuthorization methods.
Share with