6th November, 2014

Web.config snippet to allow CORS

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <httpProtocol>
            <customHeaders>
                <add name="Access-Control-Allow-Origin" value="*" />
                <add name="Access-Control-Allow-Headers" value="Content-Type" />
                <add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS" />
            </customHeaders>
        </httpProtocol>
    </system.webServer>
</configuration>

 

Comments

  1. 29th April 2015 Adam said
    Don't forget to add 
    
        Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

Add Comment

The opinions expressed here are my own and not those of my employer.