I have an Angular frontend with a .NET framework backend, which has the following web.config
file (nothing else about authorization/authentication):
<location path="Tokens">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="false" />
<anonymousAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
I am using AD login, which is the Tokens
controller, the rest is secured by JWT tokens.
My current problem is, I wish to test the website with other computers in the domain using IIS and the website works if I use localhost
, but as soon as I use my IP, errors start appearing.
My frontend configuration JSON:
{
...
"apiAddress": "https://IP:50505/",
...
}
And the backend web.config
also contains this:
<add key="WhitelistedServerUrls" value="https://IP:34622" />
So if the IP in the config files is localhost
, then everything works as it should, but if I exchange that for my actual IP, then I get CORS errors as shown in the image below:
None of these errors appear if I use localhost. Below is the list of the things I've tried:
HTTP Response Headers
feature in IIS
https://IP
to local intr.net in settings
My guess is that my IIS is not configured correctly, as the website works if I use localhost
instead of an IP address.
You enabled Windows authentication, so that when CORS preflight request (anonymous OPTION request) sent by the browser arrives on IIS, 401 is returned by IIS and triggers the errors you see.
You will have to use IIS CORS module to properly process such preflight requests,
https://blogs.iis.net/iisteam/getting-started-with-the-iis-cors-module
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.