My Web Application(ASP.NET MVC5) hosted in Server A and Rest Service(WebAPI) is hosted in Server B. When the application access the WebAPI through IE11 , it works fine but in chrome, i got the error message as no access-control-allow-origin header is present
After Googling, i added this in the Web.config of WebAPI
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="*" />
add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
</customHeaders>
</httpProtocol>
And the below one in the client side call
var config = {
headers: {
'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': '*',
'Access-Control-Allow-Credentials': true,
'X-Requested-With': 'XmlHttpRequest'
}
};
$http.get(url, config).success(function (data) {
var filteredData = data;
})
Now i m getting authorization error XMLHttpRequest cannot load (URL) Invalid HTTP status code 401
Also i have one more query, to overcome CORS error, do we need to add information only in client side or in server side or both required?