TechBubbles Microsoft Technology BLOG

CORS support for ASP.NET Web API

By Kalyan Bandarupalli
In ASP.NET, ASP.NET 4.5
March 26, 2013
2 Min Read
Add Comment

 

What is CORS?

Cross-origin resource sharing (CORS) is a standard that allows your web pages to make AJAX requests to another domain. The idea of implementing this standard to ASP.NET Web API came from Brock Allen. This post outlines the preview of CORS support for ASP.NET Web API.If you try to make a request to a service that is hosted in different domain then browser actually blocks that request. Create a new ASP.NET Web API project in Visual Studio 2012 and run the application then you will see the result something like below

image

Now navigate to the site where you can test your API. Click Test API button at the bottom of the page after placing your API URL in this test web site

image

Click send button, then you will see the network error as below

image

You can see the actual reason for this error by going to the developer tools in your browser and then go to the console

image

how to make allow this request on server side? Add a reference of below high-lighted assemblies to web api project

image

System.Web.Cors and System.Web.Http.Cors are core assemblies to support this feature in Web API.

Enabling CORS

You can enable CORS feature globally, per controller or per action method. Open WebAPIConfig file and call enablecors method 

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Http;
using System.Web.Http.Cors;
namespace MvcApplication5
{
    public static class WebApiConfig
    {
        public static void Register(HttpConfiguration config)
        {
            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );
            config.EnableSystemDiagnosticsTracing();
            config.EnableCors();
        }
    }
}

Enabling per Controller

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using System.Web.Http.Cors;
namespace MvcApplication5.Controllers
{
    [EnableCors] 
    public class ValuesController : ApiController
    {
        // GET api/values
        public IEnumerable<string> Get()
        {
            return new string[] { "value1", "value2" };
        }

        // GET api/values/5
        public string Get(int id)
        {
            return "value";
        }
 }
}

Enabling per Action

You can enable CORS on single action method by calling EnableCrosAttribute on action

More on CORS support for ASP.NET Web API can be read from here

FacebookTwitterReddit

About the author

Kalyan Bandarupalli

My name is kalyan, I am a software architect and builds the applications using Microsoft .NET technologies. Here I am trying to share what I feel and what I think with whoever comes along wandering to Internet home of mine.I hope that this page and its contents will speak for me and that is the reason I am not going to say anything specially about my self here.

View all posts

Add Comment

Read more

By Kalyan Bandarupalli March 26, 2013
Add Comment
TechBubbles Microsoft Technology BLOG

Follow me

Archives

Tag Cloud

.NET Framework (14) .NET Framework 4.0 (6) .NET Framework 4.5 (7) AJAX (6) ASP.NET (81) ASP.NET 4 (7) ASP.NET 4.5 (27) ASP.NET 4.5 Preview (8) ASP.NET 5 (7) ASP.NET Core (5) ASP.NET MVC (11) Azure (6) Azure Services (5) C# (23) Cloud (9) JavaScript (5) Microsoft (91) Microsoft Azure (8) OData (5) REST (5) SharePoint (77) Sharepoint 2010 (50) SharePoint 2013 (23) Silverlight (9) SQL Azure (6) SQL server (56) SQL server 2008 (29) SQL Server 2008 Analysis Services (5) SQL Server 2008 R2 (10) SQL Server 2012 (20) SQL server Reporting Services (6) SQL Server SSIS (5) SSIS (8) Testing (6) Visual Studio (56) Visual Studio 11 (5) Visual Studio 2010 (26) Visual Studio 2012 (29) Visual Studio 2013 (18) WCF (21) Web Services (12) Windows 8 (6) Windows Azure (18) WSE (5) XML (4)