CORS blocks direct access to API from Blazor
I've setup an Aspire solution with a Blazor WebAssembly and an API projects. API runs on https://localhost:7476 and Blazor is served from https://localhost:7077. Generally any API registered with MapPost or MapGet is working as expected because by default Blazor app runs in InteractiveServer mode, so all APIs appear to be called via internal SignalR connection.
However for uploading files from the web, I need to hit the API endpoint directly. I'm using RadzenUpload component to do so, and I've configured it to hit https://localhost:7476/api/upload
However the browser gives me an error:
Access to XMLHttpRequest at 'https://localhost:7476/api/upload' from origin 'https://localhost:7077' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I've tried adding the following to both the API and the Blazor's Program.cs but that didn't help. Any help is greatly appreciated.
builder.Services.AddCors(o => o.AddPolicy("AllowAll", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
}));
...
var app = builder.Build();
app.UseCors("AllowAll");
The error indicates the response from server lacks header Access-Control-Allow-Origin (which would be appended by app.UseCors() middleware), So you don't have to add the cors related codes in your blazor app,just add the codes in your webapi project
Also,try modify your policy to
builder.Services.AddCors(o => o.AddPolicy("MyPolicy", builder =>
{
builder.WithOrigins("https://localhost:{port of your blazor app}")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
}));
......
app.UseCors("MyPolicy");
if you are working on controller based webapi,notice the order of the middleware,follow the sample in official document
It now works on myside:
- Custom AuthenticationStateProviderService error on localstorage
- Blazor execute C# and JS function in one button onclick event
- How can I declare an array for ChildContent RenderFragment
- Html number input handling in blazor
- There was no runtime pack for Microsoft.AspNetCore.App available for the specified RuntimeIdentifier 'browser-wasm'
- Enable content on row hover in Blazor wasm
- Why is @foreach with @onclick not working?
- How to avoid selecting the default value in a <select> dropdown in Blazor?
- .Net 8.0 Blazor: Authorize with policy on Page always redirecting to non-existent Identity Access Denied page
- Get Current User in a component
- CORS blocks direct access to API from Blazor
- Blazor: Reference to child page displayed by RenderFragment Body
- How do I put together a Blazor Page that will call a javascript file that needs to import an ESModule?
- Displaying the local machine camera feed in a Blazor Web Assembly app
- Blazor (Server Side) TextArea Fails With Long-ish Strings
- FluentEditForm says that there is no data, despite data entered being there
- Returning Null Generic Type
- Getting error "Failed trusting the certificate" while running my Blazor App in Visual Studio 2022
- Process with an Id of XXXX is not running | Visual Studio 2022
- How might I avoid repeat Blazor-generated HTML attributes between conditionally-rendered elements?
- Mudblazor MudDropZone - Simple Blazor App - How do I catch DragStart and DragEnd events?
- Blazor 8 MudBlazor Tooltip Y position incorrect after scrolling the page
- Maui x Blazor, disable saved info proposition for input
- Why use await Task.Delay(1) in Blazor wasm?
- Auto reconnect Blazor Serverside
- Blazor - .NET 8.0 - InvalidOperationException: Cannot find the fallback endpoint specified by route values: { page: /_Host, area: }
- Blazor app doesn't load and uses large amounts of RAM when layout is declared in _Imports.razor
- Is one SynchronisationContext used over multiple threads/tasks?
- Blazor Server app not redirecting to an external payment app url
- Why is OnInitialized triggered when using NavigationManager to navigate to the same page