CORS包含从本地PC上的角度应用程序到asp.net核心API的帖子

Question

I have a local running ASP.NET core API service and a local Angular App. Most of my call's goes fine to the API but a single call keep giving me CORS errors. I suspect it is because it is an post operation? Does posts requires anything different according to CORS?

Anuglar ts:

loadGroup(groupName:string){
    this.apiService.getInfluencersWithFilter(this.query,groupName,null,null,this.ageRanges).subscribe((data) => {     
      this.influencerSearchResult = data.results;
      // this.searchGroupsFacet = data.facetGroupList;
      this.searchSubGroupsFacet = data.facetSubGroupList;
      this.showSubGroups = true;

   });
  }

Angular service:

getInfluencersWithFilter(q:string, group:string, subGroups:string[], socialAccounts:string[],ageRanges:AgeRange[]):Observable<InfluencerSearchContainer>
{    
        if(q==null)
        {
          q = "";
        }
        var url = `${environment.apiDomain}/api/InfluencersSearch/`;
        return  this.httpClient.post<InfluencerSearchContainer>(url,{q:"",group:group,subGroups:subGroups, socialAccounts:socialAccounts, ageRanges:ageRanges}).pipe(
          map(x => new InfluencerSearchContainer(x)));      
 }

Startup ASP.NET core:

public void ConfigureServices(IServiceCollection services)
    {
        services.AddScoped<DocumentClient>((s) =>
        {
            string EndpointUrl = Configuration["CosmosDB:EndpointUrl"];
            string PrimaryKey = Configuration["CosmosDB:PrimaryKey"];
            return new DocumentClient(new Uri(EndpointUrl), PrimaryKey);
        });

        var connStr = Configuration.GetConnectionString("DefaultConnection");
        services.AddDbContext<DB>(options => options.UseSqlServer(connStr));

        services.AddCors(options =>
        {
            options.AddPolicy("AllowSpecificOrigin",
                builder => builder.AllowAnyOrigin()
                       .AllowAnyHeader()
                       .AllowAnyMethod());
        });

        services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
    }

  public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseHsts();
        }

        app.UseCors("AllowSpecificOrigin");
        app.UseHttpsRedirection();
        app.UseMvc();
    }

And controller:

  [HttpPost]
    public InfluencerSearchResultWithFacets Post([FromBody] InfluencerQuery q)
    {
        return GetSearchResult(q.q, q.group,q.subGroups, q.socialAccounts, q.ageRanges);
    }

Is there anything I am missing? I think everything is disabled here? As I write I suspect it has something todo with the Post, because the get actions works.

In postman it works:

I have also added following on the controller: [EnableCors("AllowSpecificOrigin")]

Answer 1

Sometimes,

1) If there is an error in the request payload (or) error in the api, the chrome developer tools console shows CORS.

Please console.log the request and test the api separately with postman/swagger with that.

If 1) not solving the issue

2) Sometimes IIS can block PUT and POST operations by default. Please see this .

if 1) and 2) not solving the problem

This could also be a problem

3) We May have to add [EnableCors("AllowSpecificOrigin")] to the controller.