Gunakan CORS
//Example
app.UseCors(x => x.AllowAnyHeader().AllowAnyMethod().WithOrigins("https://localhost:4200"));
Embarrassed Echidna
//Example
app.UseCors(x => x.AllowAnyHeader().AllowAnyMethod().WithOrigins("https://localhost:4200"));
CORS => (Cross-Origin Resource Sharing)
sharing resources between different sources
There is this thing called CORS which stands for Cross Origin Resource Sharing. The page where swagger documentation is shown is fetched from our servers, but the swagger UI also needs to make calls to the server where the REST API is. This is a potential security risk, so browser wants to ask permission from the REST API server if it’s ok to use those resources (i.e. try out the API thru web UI swagger documentation)
If you want to make anything except a simple GET or there are any custom headers, the browser wants to make a preflight query to the back end. Browser wants to know if it’s ok to ask whatever it actually wants to ask. So the browser sends an OPTIONS method query to the back end passing along all the headers that the actual request will need. Sounds simple enough (yeah OK, it took me some time until I figured it out. I’m a bit slow) what can go wrong?