Enabling cors in web api and jquery

Question

Hi friends i working on mobile app with service on another domain when i try to post on web api i getting this error. "Access-Control-Allow-Origin' does not match ' http://localhost:port '

I try everything but still getting error. Added configuration in config file.

 <customHeaders>
    <add name="Access-Control-Allow-Headers" value="*" />
    <add name="Access-Control-Allow-Origin" value="http://localhost:3391/" >
    <add name="Access-Control-Request-Method" value="POST,GET" />                
 </customHeaders>

  $.ajax({
            url: "http://localhost:4656/values",
            crossDomain: true,
            data: data,
            type: "post",
            xhrFields: {
                withCredentials: true
            },
            contentType: "application/json; charset=utf-8",
            dataType: "json",
            beforeSend: function (xhr) {
                xhr.setRequestHeader("Access-Control-Allow-Origin", "*");
            },
            headers: {
                "Access-Control-Allow-Origin": 'http://localhost:3391/',
                "Access-Control-Allow-Headers": "*"
            },
            success: function () {

            }
        })

try everything but failed please provide solution thanks in advance.

Answer 1

最好创建一个CORS政策来做到这一点，请阅读官方文档以创建和使用它： http : //www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web -api ，也不要使用*（是一个安全漏洞），添加对您信任的域。