Enable CORS in ASP.NET Core Web Api
Quick and dirty, don't use this in production
Expert generalist • Independent Contractor • Microsoft MVP • Home Assistant enthusiast Hi there! I'm Bogdan Bujdea, a software developer from Romania. I'm currently a .NET independent contractor, and in my free time I get involved in the local .NET community or I'm co-organizing the @dotnetdays conference. I consider myself an expert generalist, mostly because I enjoy trying out new stuff whenever I get the chance and I get bored pretty easily, so on this blog you'll see me posting content from programming tutorials to playing with my smart gadgets.
No matter how many times I do this on my local machine I always forget how to enable CORS for "*", just for testing something quick on my machine. This means that there's a proper way to do this and there's a "I don't care how I do it, just stop my requests from returning CORS Error".
The snippet below is for the latter, so it's just for development, but in the next few days I'll try to cover how to do this in production as well.
Basically, we do 3 things to enable CORS:
- Create a policy with an arbitrary name
- Configure that policy with the origins we want to allow (in my case, I use "*")
- Enable CORS using for that policy
