03-31-2016 08:35 AM
I'm attempting to access the API from an AngularJS front-end app but I'm having issues with CORS.
I've added the key to web.config and web.customer.conif: <add key="EnableCorsOrigins" value="myAngularAppDomain"> and restarted the DefaultWebSite in IIS
And I'm still having some issues.
The message I receive in the browser console upon trying to authenticate is:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource as https://<api server>/Act.Web.API/authorize (Reason: CORS header 'Access-Control-Allow-Origin' missing).
Do I need to add this to the header in my GET Request or should the be added by the server?
Any help would be greatly appreciated.
03-31-2016 08:40 AM
The funny thing is that the api is installed on the local domain at https://<server name>/Act.Web.API/
And the AngularJS App is hosted at https://<server name>:778/app/
I would have assumed CORS to be a non-issue at that point.
Is there a way I can organize the Angular App to not have the CORS issue at all? Possibly by moving my angular app to be on the DefaultWebSite where it would be accessed via https://<server name>/app ??
Would that be an easier solution?
I'm fairly new with these types of technologies so please bear with me.