Forem

yveralonen
yveralonen

Posted on

CORS .NET Core API, NGINX

Hello,

After 2 weeks, still having a CORS issue when my vuejs frontend (running on gnix) try to reach my .net core api (running on kestrek with a nginx reverse proxy).

However, I've followed all the examples and advices I've got.

Where am I wrong ? :(

Top comments (3)

Collapse
 
dcruz1990 profile image
Dennis Quesada Cruz

Any update on this?

Collapse
 
smartcodinghub profile image
Oscar

Share your Startup.cs and your nginx config. Also, check the ForwardedHeaders middleware, probably you need it at the start of your pipeline.

Collapse
 
yveralonen profile image
yveralonen

Thank you Oscar :

1) the startip
2) the nginx.conf
3) the default site

1) ******************************************************************************

public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}

readonly string MyAllowSpecificOrigins = "AllowSpecificOrigin";

public IConfiguration Configuration { get; }

// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{

services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins,
builder =>
{
builder
.WithOrigins("*")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
});
});

string domain = $"https://{Configuration["Auth0:Domain"]}/";
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;

}).AddJwtBearer(options =>
{
options.Authority = domain;
options.Audience = Configuration["Auth0:ApiIdentifier"];
});

services.AddDbContext(options =>
options.UseMySQL(Configuration.GetConnectionString("HHH_DB")));

services.AddAuthorization(options =>
{
options.AddPolicy("read:messages", policy => policy.Requirements.Add(new HasScopeRequirement("read:messages", domain)));
});

// register the scope authorization handler
services.AddSingleton();

services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseHsts();
}

app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});

app.UseCors(MyAllowSpecificOrigins);

app.UseHttpsRedirection();

app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Places}/{action=Index}/{id?}");
});
}
}

2)*******************************************************************************

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
worker_connections 768;
# multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;

# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/.conf;
include /etc/nginx/sites-enabled/
;
}

3)*******************************************************************************

server {
listen 443 ssl;
listen [::]:443 ssl;

include snippets/self-signed.conf;
include snippets/ssl-params.conf;

server_name vps750978.ovh.net;

root /var/www/html;
index index.html index.htm index.nginx-debian.html;

index index.html index.htm index.nginx-debian.html;

server_name _;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}

}

server {
listen 80;
server_name _;

location / {
proxy_pass localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

Ajouter les headers de contrôle d'accès CORS

add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;

}
}

Image of Datadog

Create and maintain end-to-end frontend tests

Learn best practices on creating frontend tests, testing on-premise apps, integrating tests into your CI/CD pipeline, and using Datadog’s testing tunnel.

Download The Guide

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay