CORS stands for Cross Origin Resource Sharing

I am developing a web service using .Net framework. There is another Web service or API am trying to access in my local machine on client side of this Web Service am working on. However I was getting the following error when I try to access this other API sitting out site my local environment.

No ‘Access-Control-Allow’ origin header is present on the requested resource

I spent a lot of time trying to figure out how I could access this resource from my client side scripts. Turns out I had to add custom header to web.config file on IIS server in order for my javascripts to access the external API.

  <?xml version="1.0" encoding="utf-8"?>
     <configuration>
       <system.webServer>
          <httpProtocol>
             <customHeaders>
                  <add name="Access-Control-Allow-Origin" value="*" />
             </customHeaders>
           </httpProtocol>
       </system.webServer>
      </configuration>

I hope this saves someone some dev time 🙂

Summary
-The server/api you’re making request to has to implement CORS to grant access to javascripts(angular/jquery/*)
-The scripts can’t grant themselves access. So don’t waste time trying to implement this CORS in your scripts to get access to resources on the server. I mean you could but personally haven’t figure out a way, so let’s assume its not possible for the sake of this post 🙂

Sources:
stackoverflow
Enable CORS on IIS

Advertisements