'Cors error after publishing my project in IIS 10

after publishing my project in IIS I'm having the cors strict-origin error, but I've already configured everything I could.

Below is my configuration

I'm using Netcore 6.0

    private static void ConfigureServices(WebApplicationBuilder builder)
    {
        // Add services to the container.
        builder.Services.AddControllers();
        builder.Services.AddEndpointsApiExplorer();
        builder.Services.AddSwaggerGen();

        ConfigureService.ConfigureDependenciesService(builder);
        ConfigureService.ConfigureControllerService(builder);
        ConfigureRepository.ConfigureDependenciesRepository(builder);
        ConfigureAuthService.ConfigureJWT(builder);
        ConfigureCultureService.ConfigureCulture(builder);
        ConfigureEmailService.ConfigureSmtpClient(builder);

        builder.Services.AddCors(opt =>
        {
            opt.AddPolicy("CorsPolicy", builder => builder
                .AllowAnyOrigin()
                .AllowAnyMethod()
                .AllowAnyHeader());
        });
    }

    private static void Configure(WebApplication app)
    {
        // Configure the HTTP request pipeline.
        if (app.Environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseSwaggerUI();
        }

        app.UseAuthentication();
        var localizeOptions = app.Services.GetService<IOptions<RequestLocalizationOptions>>();
        app.UseRequestLocalization(localizeOptions.Value);

        //app.UseHttpsRedirection();
        app.UseCors("CorsPolicy");

        app.UseAuthentication();
        app.UseRouting();
        app.UseAuthorization();
        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllers();
        });
    }

Config web.config IIS FOLDER

c++sharpiis-10


Solution 1:[1]

Please check if you have cors enabled in iis, if not, you can enable cors by adding configuration in your web.config file, here is the configuration:

<system.webServer>
  <httpProtocol>
    <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Allow-Methods" value="GET,POST,OPTIONS" />
        <add name="Access-Control-Allow-Headers" value="Content-Type" />
    </customHeaders>
  </httpProtocol>
</system.webServer>

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 samwu

Related Questions