In the last section, we have discussed, how to host application using HTTP.SYS. Now, in this section, we will address how to handle CORS issue with ASP.NET Core APP hosted using Http.Sys and Angular 4. With current setting shown below,
If we try to send any POST or PUT request, it will result in following error.
Reason for this is anonymous authentication is marked as false. Therefore, for preflight condition anonymous should also be marked as true like shown below.
Now, with this setting, always anonymous will get passed in which means you will end up receiving Windows Auth as Null. In order to fix this, we need to couple of things. First in startup.cs file, we need to set default behavior for HTTP.SYS as shown below.
This also means we need to set [Authorize] attribute at those places, where I am expecting to use windows credentials say methods or directly on controller itself. Below, I have pasted finished snippet for startup.cs file.
And Similarly on controller like,
With that being said, Now when we run the app and check the behavior, it should work fine. I hope you would have liked this little trick around CORS with ASP.NET Core and Angular 4. Thanks for joining me.