Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at . (Reason: CORS header 'Access-Control-Allow-Origin' missing).

To Use This Code in Web.Config


<system.webServer>
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
      </customHeaders>
    </httpProtocol>
  </system.webServer>

Cross-Origin Resource Sharing (CORS)

Cross-Origin Resource Sharing (CORS) is a W3C Working Draft that defines how the browser and server must communicate when accessing sources across origins. The basic idea behind CORS is to use custom HTTP headers to allow both the browser and the server to know enough about each other to determine if the request or response should succeed or fail.

For a simple request, one that uses either GET or POST with no custom headers and whose body is text/plain, the request is sent with an extra header called Origin. The Originheader contains the origin (protocol, domain name, and port) of the requesting page so that the server can easily determine whether or not it should serve a response.

Comments

Popular posts from this blog

Unable to perform operation on the item is locked in workspace

Maximum Stored Procedure Function Trigger or View Nesting Level Exceeded (limit 32) in SQL Server

Insecure cookie setting: missing Secure flag