Web API - How CORS works
Question
Trying to understand how Web API CORS is supposed to work.
If I have a Web API service at abc.com/api/MyService, shouldn't default Web API settings prevent domains other than abc.com from accessing this service?
For instance, if the service is called via SoapUI on a remote machine, shouldn't a cross-domain error be produced?
1 answers
solution1
0 2014-01-27 03:15:21
CORS is to allow/disallow JavaScript code running in a page shown by a browser to access service from other domain.
Any other ways of calling service that supports CORS will continue to work as before. Indeed there could be some custom code that checks CORS headers, but checking CORS headers is very unusual for applications since most don't have same origin policy enforced by browsers.
So in your case it looks like you use a tool that does not have any "same origin" restrictions and thus not affected by CORS headers.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.