enabling cross-origin resource sharing on IIS7

by

It is likely a case of IIS 7 ‘handling’ the HTTP OPTIONS response instead of your application specifying it. To determine this, in IIS7,

  1. Go to your site’s Handler Mappings.

  2. Scroll down to ‘OPTIONSVerbHandler’.

  3. Change the ‘ProtocolSupportModule’ to ‘IsapiHandler’

  4. Set the executable:
    %windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll

Now, your config entries above should kick in when an HTTP OPTIONS verb is sent.

Alternatively you can respond to the HTTP OPTIONS verb in your BeginRequest method.

    protected void Application_BeginRequest(object sender,EventArgs e)
    {
        HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");

        if(HttpContext.Current.Request.HttpMethod == "OPTIONS")
        {
            //These headers are handling the "pre-flight" OPTIONS call sent by the browser
            HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
            HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");
            HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000" );
            HttpContext.Current.Response.End();
        }

    }

More Related Contents:

  1. “Origin null is not allowed by Access-Control-Allow-Origin” error for request made by application running from a file:// URL
  2. Origin is not allowed by Access-Control-Allow-Origin
  3. How to enable CORS in AngularJs
  4. Why does my http://localhost CORS origin not work?
  5. Origin null is not allowed by Access-Control-Allow-Origin
  6. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘…’ is therefore not allowed access
  7. Why am I seeing an “origin is not allowed by Access-Control-Allow-Origin” error here? [duplicate]
  8. A CORS POST request works from plain JavaScript, but why not with jQuery?
  9. AngularJS: No “Access-Control-Allow-Origin” header is present on the requested resource [duplicate]
  10. Why am I seeing an “origin is not allowed by Access-Control-Allow-Origin” error here? [duplicate]
  11. Understanding XMLHttpRequest over CORS (responseText)
  12. Catching an Access-Control-Allow-Origin error in JavaScript
  13. CORS request not working in Safari
  14. How to Detect Cross Origin (CORS) Error vs. Other Types of Errors for XMLHttpRequest() in Javascript
  15. Microsoft Edge blocked cross-domain requests sent to IPs in same private network CIDR
  16. How does JavaScript handle AJAX responses in the background?
  17. how to bypass Access-Control-Allow-Origin?
  18. What limitations apply to opaque responses?
  19. Origin is not allowed by Access-Control-Allow-Origin
  20. Sending a JSON to server and retrieving a JSON in return, without JQuery
  21. How to create Document objects with JavaScript
  22. No ‘Access-Control-Allow-Origin’ header with Microsoft Online Auth
  23. SCRIPT5: Access is denied in IE9 on xmlhttprequest
  24. Javascript: Overriding XMLHttpRequest.open()
  25. CORS and Google Maps Places Autocomplete API calls [duplicate]
  26. How do I send an HTTP request from a Chrome extension?
  27. XmlHttpRequest onprogress interval
  28. socket.io, ‘Access-Control-Allow-Origin’ error
  29. XMLHttpRequest: Network Error 0x80070005, Access is denied on Microsoft Edge (but not IE)
  30. Phantom JS synchronous AJAX request : NETWORK_ERR: XMLHttpRequest Exception 101

Leave a Comment