ASP net core cors put method problem

Stephan Gimm 6 Reputation points
2021-11-10T19:19:57.86+00:00

Hello,

I have a problem i wrote a Controler and a website. The website is under the main domain https://abc.com, my services are in subdomains https://subdomain.abc.com.
I configured cors, GET and POST methods are working, but PUT makes problems:

Access to XMLHttpRequest at 'https://subdomain.abc.com/public/api/customers' from origin 'https://abc.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

After a second try i get an addional error 405 method not allowed:

Controller

[Authorize]
        [Route("public/api")]
        public class CustomerController : Controller
        {
            private ICustomerService _customerService;

            public CustomerController(ICustomerService customerService)
            {
                _customerService = customerService;
            }
            [HttpGet("Customers")]
            public Customer GetCustomer()
            {
                return _customerService.GetCustomers(int.Parse(HttpContext.User.Claims.ToList()[1].Value));
            }

            [HttpPut("Customers")]
            public IActionResult UpdateCustomer([FromBody] Customer customer)
            {
                if (int.Parse(HttpContext.User.Claims.ToList()[1].Value) == customer.Id)
                {
                    _customerService.UpdateCustomer(customer);
                    return Ok();
                }
                return Unauthorized();
            }
        }

startup:

            services.AddCors(options =>
            {                
                options.AddPolicy("CorsPolicy", builder => builder.WithOrigins("https://*.abc.com", "https://abc.com").WithMethods("GET", "POST", "PUT", "DELETE").AllowAnyHeader().AllowCredentials().Build());
            });

app.UseRouting();

app.UseCors("CorsPolicy");

I tried a lot, i have no idea what can i do.
I hope you can help

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,135 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Stephan Gimm 6 Reputation points
    2021-11-10T19:48:06.847+00:00

    I found a solution .net core enables WEBDAV modules and it disables PUT and DELETE by default.
    This is one Solution 

          <modules runAllManagedModulesForAllRequests="false">
         <remove name="WebDAVModule" />
      </modules>
    1 person found this answer helpful.
  2. Bruce (SqlWork.com) 54,866 Reputation points
    2023-03-31T17:15:47.2433333+00:00

    also CORS does not allow wildcard domains, so "https://*.abc.com" is invalid.

    0 comments
  3. HARISH G 0 Reputation points
    2023-04-01T20:13:55.71+00:00 
    <system.webServer>
    <modules runAllManagedModulesForAllRequests="true">
      <remove name="WebDAVModule" />
    </modules>
    <handlers>
      <remove name="WebDAV" />
      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
    </handlers>
    <aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false" hostingModel="InProcess" />
  </system.webServer>