DEV Community

loading...

CORS .NET Core API, NGINX

yveralonen profile image yveralonen ・1 min read

Hello,

After 2 weeks, still having a CORS issue when my vuejs frontend (running on gnix) try to reach my .net core api (running on kestrek with a nginx reverse proxy).

However, I've followed all the examples and advices I've got.

Where am I wrong ? :(

Discussion (3)

pic
Editor guide
Collapse
dcruz1990 profile image
Dennis Quesada Cruz

Any update on this?

Collapse
smartcodinghub profile image
Oscar

Share your Startup.cs and your nginx config. Also, check the ForwardedHeaders middleware, probably you need it at the start of your pipeline.

Collapse
yveralonen profile image
yveralonen Author

Thank you Oscar :

1) the startip
2) the nginx.conf
3) the default site

1) ******************************************************************************

public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}

readonly string MyAllowSpecificOrigins = "AllowSpecificOrigin";

public IConfiguration Configuration { get; }

// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{

services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins,
builder =>
{
builder
.WithOrigins("*")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
});
});

string domain = $"https://{Configuration["Auth0:Domain"]}/";
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;

}).AddJwtBearer(options =>
{
options.Authority = domain;
options.Audience = Configuration["Auth0:ApiIdentifier"];
});

services.AddDbContext(options =>
options.UseMySQL(Configuration.GetConnectionString("HHH_DB")));

services.AddAuthorization(options =>
{
options.AddPolicy("read:messages", policy => policy.Requirements.Add(new HasScopeRequirement("read:messages", domain)));
});

// register the scope authorization handler
services.AddSingleton();

services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseHsts();
}

app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});

app.UseCors(MyAllowSpecificOrigins);

app.UseHttpsRedirection();

app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Places}/{action=Index}/{id?}");
});
}
}

2)*******************************************************************************

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
worker_connections 768;
# multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;

# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/.conf;
include /etc/nginx/sites-enabled/
;
}

3)*******************************************************************************

server {
listen 443 ssl;
listen [::]:443 ssl;

include snippets/self-signed.conf;
include snippets/ssl-params.conf;

server_name vps750978.ovh.net;

root /var/www/html;
index index.html index.htm index.nginx-debian.html;

index index.html index.htm index.nginx-debian.html;

server_name _;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}

}

server {
listen 80;
server_name _;

location / {
proxy_pass localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

Ajouter les headers de contrôle d'accès CORS

add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;

}
}