SignalR CORS on Azure Mobile Services Web Api

Question

I have an Azure Mobile Service running Web Api and c# and enabled CORS as suggested in Enable CORS on Azure Mobile Serivce .NET Backend however I have now come to add SignalR into the mix.

SignalR is working fine however I can't see to find how to enable CORS.

At present in my test app config I have the following:

//enable CORS for WebAPI
var cors = new EnableCorsAttribute("*", "*", "*");
httpconfig.EnableCors(cors);
//rather than use the static method new up SignalRExtensionConfig and pass the current config, hopefully allowing CORS...
var signalRConfig = new SignalRExtensionConfig();
signalRConfig.Initialize(httpconfig, ioc);

But CORS doesn't work for SignalR hubs, it only works for WebAPI :( I get the frustrating:

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

I have inspected the response headers and can confirm nothing is being sent back.

Can anyone advise?

Answer 1

I'm using the code below to add CORS to SignalR in my WebAPI project. But it's not running inside Mobile Service. Not sure if this helps.

public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            app.Map("/signalr", map =>
                {
                    // Setup the CORS middleware to run before SignalR.
                    // By default this will allow all origins. You can 
                    // configure the set of origins and/or http verbs by
                    // providing a cors options with a different policy.
                    map.UseCors(CorsOptions.AllowAll);
                    var hubConfiguration = new HubConfiguration
                    {
                        // You can enable JSONP by uncommenting line below.
                        // JSONP requests are insecure but some older browsers (and some
                        // versions of IE) require JSONP to work cross domain
                        // EnableJSONP = true
                        EnableJavaScriptProxies = false
                    };
                    // Run the SignalR pipeline. We're not using MapSignalR
                    // since this branch already runs under the "/signalr" path.
                    map.RunSignalR(hubConfiguration);
                });
        }
    }

Pasted as an answer since it doesn't multi-line codes in comment. Please ignore if it doesn't help.

Answer 2

I have found a way to enable CORS for SignalR but it doesn't seem the "Correct" way. But it's enough to get playing with for development until I hear back from our Mobile Services friends.

The Azure Mobile Services SignalR NuGet package contains a OwinAppBuilderExtension class. This class is used during startup to extend the Owin setup for signalr. I then subclassed this and overrode the ConfigureSignalR method.

Inside this method you get access to IAppBuilder. Once here I simply added appBuilder.UseCors(CorsOptions.AllowAll); before base.ConfigureSignalR(appBuilder);

Now this is far from ideal as I have enabled CORS for everything and said to allow all. But for dev testing this is OK and I will provide a custom CORS Policy later any how.

The final step is to set our new subcclass(CORSSignalROwinAppBuilderExtension) to be used by our service.

Within your HttpConfig setup

 var configBuilder = new ConfigBuilder(options, (httpconfig, ioc) =>
 {
       ioc.RegisterInstance(new CORSSignalROwinAppBuilderExtension(httpconfig)).As<IOwinAppBuilderExtension>();
 });

Hope this helps