How to enable CORS (Cross-Origin Requests)

6 年 前
I want to make an ajax call for specified address,
I add this code above my function, doesn't work

[EnableCors(origins: "*", headers: "*", methods: "*")]
public ActionResult myfunction()

thanks in advance
2 个月 前
Please help
1 个月 前
According to this document - - it cannot be set by default;

Problem is sequence of registered middlewares;
1) "With endpoint routing, the CORS middleware must be configured to execute between the calls to UseRouting and UseEndpoints"
2)  " The call to UseCors must be placed after UseRouting, but before UseAuthorization"

By default NopCommerce first calls UseAuthorization and last UseRouting
1 个月 前
rafal_zabrowarny wrote:

By default NopCommerce first calls UseAuthorization and last UseRouting

There is a work item related with this.
2 周 前
You could add new NopStartup with order greater than NopMvcStartup value like below code.

using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Nop.Core.Infrastructure;

namespace Nop.Web.Infrastructure
    public class CorsPolicyStartup : INopStartup
        public void ConfigureServices(IServiceCollection services, IConfiguration configuration)
            services.AddCors(feature =>
                    apiPolicy => apiPolicy
                        .SetIsOriginAllowed(host => true)

        public void Configure(IApplicationBuilder application)

        public int Order => 1001; //CorsPolicy should be after MVC

Then you could apply
attribute for yours whole Controller or specific action method.

I tested it for Nop4.20 and works as well.

Hope this can be helpful.

With best regards.
Developer from nopForest team.