I have a MVC Web API (hosted in IIS) which is in the wwwroot folder and locally accessible within the network.I can execute api calls like this: http://mylocalapi:133/api/Values/Get
and I get a result.
I have an external site which is http://example.org
and I would like to execute the same http://mylocalapi:133/api/Values/Get
.
Both the external facing site as well as the internal API site is hosted on the same server (but it can be different, for example a 3rd party vendor outside of the network)
I have CORS set up in my API like this:
[EnableCors(origins: "http://example.org", headers: "*", methods: "*")]
But I keep getting the following error:
XMLHttpRequest cannot load http://mylocalapi:133. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://example.org' is therefore not allowed access.
So get around it, I created a virtual directory (APICALLS
) in my external site and created a web.config file which will point to the local IIS site:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpRedirect enabled="true" destination="http://mylocalapi:133" exactDestination="true" />
</system.webServer>
</configuration>
When I do that, I try to access the API like this: http://example.org/APICALLS/api/Values/Get
but I get the following error:
XMLHttpRequest cannot load http://mylocalapi:133. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://example.org' is therefore not allowed access.
What am I doing wrong and how can I resolve the issue.
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…