ASP.net C# webform ADFS hitting CORS error

Question

I keep hitting CORS error when i want to redirect to ADFS server in webform. Below are the error that i hit:

I tried few method as mention in below link: CORS endpoints on asp.net Webforms [WebMethod] endpoints

However, nothing is working. Not sure if I missed anything in the ADFS setting? In my other project that is using MVC, it is working fine. Just the webform keep hitting this error.

Login.aspx.cs

protected void LoginSSO(object sender, EventArgs e)
    {
        Response.AppendHeader("Access-Control-Allow-Origin", "*");
        Response.AppendHeader("Access-Control-Allow-Methods", "*");
        ExternalLogin bUsr = new ExternalLogin();

        HttpContextWrapper contextWrapper = new HttpContextWrapper(this.Context);
        var translator = new ActionResultTranslator(contextWrapper);
        translator.Execute(bUsr.ExternalLoginADFS("ExternalLoginCallback.aspx"));
    }

ExternalLogin.aspx.cs

public partial class ExternalLogin : System.Web.UI.Page
{
    private const string XsrfKey = "XsrfId";

    public string RedirectUri { get; private set; }

    [AllowAnonymous]
    public ActionResult ExternalLoginADFS(string returnUrl)
    {
        return new ChallengeResult(WsFederationAuthenticationDefaults.AuthenticationType, "ExternalLoginCallback.aspx");
    }

    [HttpPost]
    [AllowAnonymous]
    public ActionResult ExternalLoginADFS(string provider, string returnUrl)
    {
        return new ChallengeResult(provider, "ExternalLoginCallback.aspx");
    }

    internal class ChallengeResult : HttpUnauthorizedResult
    {
        public ChallengeResult(string provider, string redirectUri)
            : this(provider, redirectUri, null)
        {
        }

        public ChallengeResult(string provider, string redirectUri, string userId)
        {
            LoginProvider = provider;
            RedirectUri = redirectUri;
            UserId = userId;
        }

        public string LoginProvider { get; set; }
        public string RedirectUri { get; set; }
        public string UserId { get; set; }
        public Task<ActionResult> Task { get; }

        public class ActionResultTranslator
        {

            HttpContextBase _context;

            public ActionResultTranslator(HttpContextBase context)
            {

                _context = context;
            }
            [HttpGet]
            public void Execute(ActionResult actionResult)
            {

                ControllerContext fakeContext = new ControllerContext();
                fakeContext.HttpContext = _context;

                actionResult.ExecuteResult(fakeContext);
            }
        }

        [HttpGet]
        public override void ExecuteResult(ControllerContext context)
        {
            var properties = new AuthenticationProperties { RedirectUri = RedirectUri };
            if (UserId != null)
            {
                properties.Dictionary[XsrfKey] = UserId;
            }

            context.HttpContext.GetOwinContext().Authentication.Challenge(properties, LoginProvider);
        }
    }
}

Answer 1

I have found the solution.

Solution:

https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/customize-http-security-headers-ad-fs

Run the PowerShell script to enable it