Getting CORS To Work With Nancy

c# asp.net api cors nancy

I don't think you need to specify OPTIONS as an allowed CORS method. I've never seen that set, and I've never set it myself. Browsers don't complain.

Otherside I have a similar setup as you in my :

public abstract class MyModule : NancyModule    protected MyModule(bool hasRazorView = true)        After.AddItemToEndOfPipeline((ctx) => ctx.Response            .WithHeader("Access-Control-Allow-Origin", "*")            .WithHeader("Access-Control-Allow-Methods", "POST,GET")            .WithHeader("Access-Control-Allow-Headers", "Accept, Origin, Content-type"));        . . . .    }}

In my case, the CORS get sent on my GET and POST, but not the OPTIONS. I overrode the default OPTIONS handling with Options["/"] = route => new Response(). That let the rest of the pipeline fire.

c# asp.net api cors nancy

I find it nicer to handle CORS headers in IIS rewriter rules this is sample rewrite webconfig section which does that:

<rewrite>  <outboundRules>    <rule name="Set Access Control Allow Origin Header" preCondition="Origin header">      <match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern="(.*)" />      <action type="Rewrite" value="{HTTP_ORIGIN}" />    </rule>    <rule name="Set Access Control Allow Headers Header" preCondition="Origin header">      <match serverVariable="RESPONSE_Access-Control-Allow-Headers" pattern="(.*)" />      <action type="Rewrite" value="Content-Type" />    </rule>    <rule name="Set Access Control Allow Methods Header" preCondition="Origin header">      <match serverVariable="RESPONSE_Access-Control-Allow-Method" pattern="(.*)" />      <action type="Rewrite" value="POST,GET,OPTIONS" />    </rule>    <rule name="Set Access Control Allow Credentials Header" preCondition="Origin header">      <match serverVariable="RESPONSE_Access-Control-Allow-Credentials" pattern="(.*)" />      <action type="Rewrite" value="true" />    </rule>    <preConditions>      <preCondition name="Origin header" logicalGrouping="MatchAny">        <add input="{HTTP_ORIGIN}" pattern="(http://localhost$)" />        <add input="{HTTP_ORIGIN}" pattern="(http://.*\.YOURDOMAIN\.com$)" />      </preCondition>    </preConditions>  </outboundRules></rewrite>

Remember to install IIS rewrite module: http://www.iis.net/downloads/microsoft/url-rewrite

c# asp.net api cors nancy

On .NET Core, I was able to pass through CORS using the code below in the Configure method:

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.    public virtual void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)    {        loggerFactory.AddConsole(Configuration.GetSection("Logging"));        loggerFactory.AddDebug();        // Shows UseCors with CorsPolicyBuilder.        app.UseCors(builder =>           builder.WithOrigins(new[] { "http://localhost:4200" }).AllowAnyHeader()                    .AllowAnyMethod()                    .AllowCredentials()           );        app.UseOwin(a => a.UseNancy(b => b.Bootstrapper = new NancyBootstrap(this.Container)));    }

CodeHunter

Getting CORS To Work With Nancy

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last