www.hkvforums.com

So I have populated both Access-Control-Allow-Origin and API Access-Control-Allow-Origin in Advanced settings, but I'm still getting blocked by CORS. I've tried entering the domain itself, astersisks, leaving it blank, double-quotes, etc to no avail.

My asp.net maker app is running on SERVER A, the server making jquery/ajax requests is on SERVER B

Error:

Access to XMLHttpRequest at 'https://www.SERVER_A.net/discipline2024/api/list/viewGetDiscipline?student=2323' from origin 'https://www.SERVER_B.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I can login to the API using the code from the JWT section of the asp.net maker documentation. If I disable CORS everything is good (open -n -a /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --args --user-data-dir="/tmp/chrome_dev_test" --disable-web-security)

Running asp.net maker 2024 (latest) with IIS

The default value ("*") should allow access from any origin. To debug, test with a browser and press F12 -> Network to check the CORS headers.

Note also that settings are outputted to the appsettings.json (for production environment) and appsettings.Development.json (for development environment), make sure the correct appsettings.json for your site 's environment is uploaded.