SignalR 1.0.1 Cross-domain request (CORS) with Chrome

7
votes

I am trying to implement the Cross-domain calls with SignalR 1.0.1 with Chrome (Ver 25.0.1364.172). As I have my UI in one host (localhost:16881) and the 'service' in another host (localhost:16901).

I have everything in place as in the topic How to use cross-domain connections (CORS - Access Control Allow Origin) with SignalR

 add jQuery.support.cors = true; before opening a connection
set up $.connection.hub.url = 'http://localhost:16901/signalr';, pointing to your subdomain

allow cross-domain requests on server side, by adding the following header description:

<add name="Access-Control-Allow-Origin" value="http://localhost:16881" />

inside system.WebServer/httpProtocol/customHeaders section in Web.config file.

I also have the HubConfiguration set up for my route mapping in global.asax for SignalR 1.0.1

            RouteTable.Routes.MapHubs(new HubConfiguration()
            {
                EnableCrossDomain = true
            });

Everything looks fine in IE10 and FF22. However in Chrome, it gives me an erorr when SignalR trying to do the handshake.

XMLHttpRequest cannot load http://localhost:16901/signalr/negotiate?_=1363560032589. Origin http://localhost:16881 is not allowed by Access-Control-Allow-Origin.

I know I can get it works with Chrome by launching it with --disable-web-security, but it doesn't really fit my requirement. Please help!

2
jqueryasp.net-mvcgoogle-chromesignalrcors

2 Answers

11
votes

Here's what you need to do:

  1. Remove jQuery.support.cors = true
  2. Remove <add name="Access-Control-Allow-Origin" value="http://localhost:16881" />

Then it should work fine.

0
votes

You don't need to use

jQuery.support.cors = true;

Instead you can enable CORS support on your Startup class on Configuration method. Here is some of the example:

        // Branch the pipeline here for requests that start with "/signalr"
        app.Map("/signalr", map =>
        {
            // Setup the CORS middleware to run before SignalR.
            // By default this will allow all origins. You can 
            // configure the set of origins and/or http verbs by
            // providing a cors options with a different policy.
            map.UseCors(CorsOptions.AllowAll);
            var hubConfiguration = new HubConfiguration 
            {
                // You can enable JSONP by uncommenting line below.
                // JSONP requests are insecure but some older browsers (and some
                // versions of IE) require JSONP to work cross domain
                // EnableJSONP = true
            };
            // Run the SignalR pipeline. We're not using MapSignalR
            // since this branch already runs under the "/signalr"
            // path.
            map.RunSignalR(hubConfiguration);
        });