We are developing a project which is consisted of an Android Mobile App
along with a Web API
. The web API is Asp.net MVC Core.
I have enabled the CORS
service on my Startup.cs
, hence Mobile app API calls are Cross Origin accessible and I receive access-control-allow-origin →*
in the response headers.
A part of the result that API returns to the mobile app request is HTML (to be shown as an ad in a mobile view) containing some CSS files. When the HTML is loaded in the Mobile View, CSS files do not load because they seem not to be Cross Origin accessible.
Is there something I'm missing? Have I missed any configuration steps?
my CORS configuration is as follows:
public void ConfigureServices(IServiceCollection services)
{
...
services.AddCors(options =>
{
options.AddPolicy("RTBCors",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
//.AllowCredentials()
);
});
services.Configure<MvcOptions>(options =>
{
options.Filters.Add(new Microsoft.AspNetCore.Mvc.Cors.Internal.CorsAuthorizationFilterFactory("RTBCors"));
});
services.AddMvc(...);
...
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
...
app.UseCors("RTBCors");
app.UseMvc(routes => .... );
...
}