Chapter 9. Enabling Cross-Origin Resource Sharing (CORS) in ASP.NET Web API
This chapter will help you in learning how to enable CORS in your Web API application.
In this chapter, we will cover the following topics:
- What is CORS?
- How CORS works
- Setting the allowed origins
- Setting the allowed HTTP methods
- Setting the allowed request headers
- Setting the allowed response headers
- Passing credentials in cross-origin requests
- Enabling CORS at various scopes
What is CORS?
According to the same-origin policy, browser security avoids any AJAX requests from one domain to your Web API on another domain in order to prevent a malicious site from reading sensitive data or posting it to another site. But, in some cases, you may need to enable other domains to call your ...
Get ASP.NET Web API Security Essentials now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.