-
Notifications
You must be signed in to change notification settings - Fork 81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Need to send "Origin" header when connecting from JavaScript to avoid CORS problems #31
Comments
I think you need to solve this issue, pure server side. this is key to get it working |
Can second that. Check out the CORS section here: https://docs.microsoft.com/en-us/aspnet/signalr/overview/guide-to-the-api/hubs-api-guide-javascript-client |
Thanks, will do. |
Hi,
My connection to SignalR returns HTTP200 as before, but there is still no "Access-Control-Allow-Origin" header. I do, however, have "web-config-was-read" and "SetCorsPolicyCalled" headers, which shows that my code is, in fact, being called - but the "Access-Control-Allow-Origin" header is specifically being stripped out. When I add an "Origin" header to my SignalR request, however, I do get back the "Access-Control-Allow-Origin" header. What am I doing wrong? And - as a shortcut - is it possible somehow to get the ng2-signalr library to send that "Origin" header? |
Incidentally, @HNeukermans , I added that line:
Made no difference. The only thing that seems to work is sending an "Origin" header in the request. |
Problem solved on the Azure side. Still, according to what Petre Poposcu says there, the client should be sending an |
Hi,
My SignalR host is an Azure App Service. The CORS behavior seems to be different from other hosts, in that if you don't explicitly send an "Origin" header in the connection request, it does not respond with an "Access-Control-Allow-Origin" header, and the browser spits out a CORS error.
Is there some way to do this in the current release, or is that a new feature?
The text was updated successfully, but these errors were encountered: