So I have a front-end Angular app where I fill in a small form and want to send the data to my Web API which also runs on localhost. My Angular app runs on http://localhost:4200/ and my web api runs on https://localhost:44302/api/input .
On form submit, the following method(s) will be called:
public uploadFormData(): void {
const form = $('#inputForm')[0];
const files = ($('#fileUpload') as any);
const formData = new FormData();
const file = files[0];
formData.append('tenant', form[0].value);
formData.append('title', form[1].value);
formData.append('file', file, file.name);
this.uploadService.uploadForm(formData)
.subscribe(res => this.fileUploaded(res));
}
private fileUploaded(data: any): void {
$('#message').html('Response: 200 OK !');
}
This will go to my service, as seen here:
public uploadForm(formdata: any) {
const url = 'https://localhost:44302/api/input';
const headers = new Headers({'encrypt': 'multipart/form-data'});
const options = new RequestOptions({ headers: headers });
return this.http.post(url, formdata, options)
.catch(this.errorHandler);
}
private errorHandler(error: Response) {
return Observable.throw(error || 'Some error on server occured: ' + error);
}
If I remove the headers & options (and also the options from my http.post), the end result is the same: a 500 server error will be thrown saying
"No 'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost:4200' is therefore not allowed access.
The response had HTTP status code 500."
So on my server-side I have a .NET Core 2 Web API running on localhost. Here's my Startcup.cs file so you can see I have configured CORS:
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddAzureAdBearer(options => Configuration.Bind("AzureAd", options));
services.AddMvc();
services.AddCors();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseCors(builder =>
builder.WithOrigins("http://localhost:4200")
//builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader());
app.UseAuthentication();
app.UseMvc();
}
Here you can find the code for my controller that will accept the input:
// POST api/input
[HttpPost]
public IActionResult Post(FormCollection data)
{
var inputdata = data;
//var test = JsonConvert.DeserializeObject<SPInputObject>(data);
return Ok("POST all good");
}
I don't even know if the "FormCollection data" is the correct parameter, because I can't get into my web api due to those CORS issues.
So can anyone see what might be the problem?
EDIT: here you can see what the response/request headers are in Chrome dev tools BEFORE the server 500 error:
Here's what I see AFTER the 500 server error:
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://i.stack.imgur.com/Vt7jM.png', '推荐 闹够了就滚 的文章《.NET Core 2 Web API: CORS issues》','https://www.manongdao.com/article-2096873.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}