I have the SetPreFlightMaxAge in the Startup.cs. But the chrome Inspect > Network tab doesn't show it in the Response Headers.
Startup.cs
app.UseCors(o =>
{
o.WithOrigins(allowedDomains.ToArray())
.SetPreFlightMaxAge(TimeSpan.FromMinutes(10))
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials()
});
Response Headers (GET method): In addition to some other headers it sends these headers. There is a max-age in the third line below, but that's not the 10 mins value set in the Startup.cs
access-control-allow-credentials: true
access-control-allow-origin: ...
set-cookie: ...
strict-transport-security: max-age=2592000
vary: Origin,Accept-Encoding
Response Headers (OPTIONS method):
access-control-allow-credentials: true
access-control-allow-headers: ...
access-control-allow-origin: ...
set-cookie: ...
In .NET core 3.1 try adding it in ConfigureServices
services.AddCors(o => o.AddPolicy("xyzpolicy", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.SetPreflightMaxAge(TimeSpan.FromMinutes(10));
}));
They say its caped to 2 hours for Chromium-based browsers
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.