Categories
Miscellaneous

Enable CORS IIS Express

While debugging a .NET MVC WebAPI project, I was getting the error, related to cross origin resource sharing:

No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:XXXXX’ is therefore not allowed access.

Once I added the following custom header to the IIS Express application host configuration, the errors disappeared.

<add name=”Access-Control-Allow-Origin” value=”*” />
<add name=”Access-Control-Allow-Headers” value=”Content-Type” />

I had to update the C:\Users\username\Documents\IISExpress\config\applicationhost.config file, by using Notepad++ (don’t forget to “Run as administrator”). You can also use AppCmd.exe, if command-line is your thing.

I also read updating the C:\Program Files (x86)\IIS Express\AppServer\applicationhost.config file can fix the problem, but this didn’t work for me.

Final result:

<httpProtocol>
 <customHeaders>
  <clear />
   <add name=”X-Powered-By” value=”ASP.NET” />
   <add name=”Access-Control-Allow-Origin” value=”*” />
   <add name=”Access-Control-Allow-Headers” value=”Content-Type” />

 </customHeaders>

</httpProtocol>

https://code.msdn.microsoft.com/CORS-support-in-ASPNET-Web-01e9980a/sourcecode?fileId=60420&pathId=1058340413