forum

home / developersection / forums / how to enable cors in asp.net core 6.0 web api project?

Ask Question
Utpal Vishwas

Student

I am Utpal Vishwas from Uttar Pradesh. Have completed my B. Tech. course from MNNIT campus Prayagraj in 2022. I have good knowledge of computer networking.

Follow
Can you answer this question?
Answer

1 Answers

Aryan Kumar

Aryan Kumar

08-Nov-2023

Enabling Cross-Origin Resource Sharing (CORS) in an ASP.NET Core 6.0 Web API project allows your API to respond to requests from different domains or origins. To enable CORS, you can follow these steps:

Install the Microsoft.AspNetCore.Cors Package (if not already installed):

Make sure you have the Microsoft.AspNetCore.Cors package added to your project. If it's not already included, you can add it using the following command:

dotnet add package Microsoft.AspNetCore.Cors

Configure CORS in the Startup.cs File:

In your Startup.cs file, you need to configure CORS services in the ConfigureServices method and set up CORS policies in the Configure method.

csharpCopy code

using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddCors(options =>
        {
            options.AddPolicy("AllowSpecificOrigin", builder =>
            {
                builder
                    .WithOrigins("http://example.com", "https://example.com")
                    .AllowAnyHeader()
                    .AllowAnyMethod();
            });
        });

        // Other services configuration
    }

    public void Configure(IApplicationBuilder app)
    {
        // ...

        app.UseCors("AllowSpecificOrigin"); // Apply the CORS policy

        // ...

        app.UseRouting();

        // ...

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllers();
        });
    }
}

In the code above:

  • We've added CORS services by calling services.AddCors in the ConfigureServices method.
  • We've configured a CORS policy named "AllowSpecificOrigin" that allows requests from "http://example.com" and "https://example.com." You can customize the allowed origins, headers, and methods according to your requirements.

Apply the CORS Policy:

To apply the CORS policy to your controllers or specific actions, you can use the [EnableCors] attribute:

using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Cors;

[ApiController]
[Route("api/[controller]")]
public class MyController : ControllerBase
{
    [HttpGet]
    [EnableCors("AllowSpecificOrigin")] // Apply the CORS policy
    public IActionResult Get()
    {
        // Your action logic here
    }
}

In this example, the "AllowSpecificOrigin" CORS policy is applied to the Get action of the MyController.

With these configurations, your ASP.NET Core 6.0 Web API project is now set up to allow cross-origin requests from the specified domains. Be sure to customize the CORS policy to match your specific needs, such as allowing multiple origins, headers, or methods.

MindStick Training
MindStick Training

Liked By

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy