4
votes

I am trying to migrate my Web Api2 to ASP.NET core web api project. In my project we are using EnableCors features.

I found this document on Microsoft site, which I am using as a reference - https://docs.asp.net/en/latest/security/cors.html

As mentioned in 'Enabling CORS in MVC' section, I am trying to enable cors globally in ConfigureServices menthod like this -

services.Configure<MvcOptions>(options =>
            {
                options.Filters.Add(new CorsAuthorizationFilterFactory("AllowSpecificOrigin"));
            });

However, I am getting this error which I couldn't understood-

The call is ambiguous between the following methods or properties: 'Microsoft.Extensions.DependencyInjection.OptionsServiceCollectionExtensions.Configure(Microsoft.Extensions.DependencyInjection.IServiceCollection, System.Action)' and 'Microsoft.Extensions.DependencyInjection.OptionsServiceCollectionExtensions.Configure(Microsoft.Extensions.DependencyInjection.IServiceCollection, System.Action)'

Refer Error Screenshot here - ERROR scrrenshot

Could anyone please let me know how do I enable CORS globally in my ASP.NET core WebApi project?

Project.json:

{
  "userSecretsId": "aspnet5-MVC6",
  "version": "1.4.0-*",
  "buildOptions": {
    "emitEntryPoint": true,
    "preserveCompilationContext": true
  },

  "dependencies": {
    "Microsoft.ApplicationInsights.AspNetCore": "1.0.0",
    "Microsoft.AspNetCore.Authentication.Cookies": "1.0.0",
    "Microsoft.AspNetCore.Diagnostics": "1.0.0",
    "Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore": "1.0.0",
    "Microsoft.AspNetCore.Identity": "1.0.0",
    "Microsoft.AspNetCore.Identity.EntityFrameworkCore": "1.0.0",
    "Microsoft.AspNetCore.Mvc": "1.0.0",
    "Microsoft.AspNetCore.Mvc.TagHelpers": "1.0.0",

    "Microsoft.AspNet.Cors": "6.0.0-rc1-final",

    "Microsoft.AspNetCore.Server.IISIntegration": "1.0.0",
    "Microsoft.AspNetCore.Server.Kestrel": "1.0.0",
    "Microsoft.AspNetCore.StaticFiles": "1.0.0",
    "Microsoft.EntityFrameworkCore": "1.0.0",
    "Microsoft.EntityFrameworkCore.SqlServer": "1.0.0",
    "Microsoft.Extensions.Configuration.CommandLine": "1.0.0",
    "Microsoft.Extensions.Configuration.FileExtensions": "1.0.0",
    "Microsoft.Extensions.Configuration.Json": "1.0.0",
    "Microsoft.Extensions.Configuration.UserSecrets": "1.0.0",
    "Microsoft.Extensions.Logging": "1.0.0",
    "Microsoft.Extensions.Logging.Console": "1.0.0",
    "Microsoft.Extensions.Logging.Debug": "1.0.0",
    "Microsoft.VisualStudio.Web.BrowserLink.Loader": "14.0.0"
  },

  "tools": {
    "BundlerMinifier.Core": "2.0.238",
    "Microsoft.AspNetCore.Razor.Tools": "1.0.0-preview2-final",
    "Microsoft.AspNetCore.Server.IISIntegration.Tools": "1.0.0-preview2-final",
    "Microsoft.Extensions.SecretManager.Tools": "1.0.0-preview2-final"
  },

  "frameworks": {
    "netcoreapp1.0": {
      "imports": [
        "dnxcore50"
      ],
      "dependencies": {
        "Microsoft.NETCore.App": {
          "type": "platform",
          "version": "1.0.0"
        }
      }
    },
    "net461": {
      "dependencies": {
        "Microsoft.VisualStudio.Web.CodeGenerators.Mvc": "1.0.0-preview2-final"
      }
    }
  },

  "publishOptions": {
    "exclude": [
      "**.user",
      "**.vspscc",
      "wwwroot",
      "node_modules"
    ]
  },

  "scripts": {
    "prepublish": [ "npm install", "bower install", "gulp clean", "gulp min" ]
  }
}
2
I suspect you mixed up dependencies. Post your project.json, likely one of your dependencies is fetching an outdated/different version of the options libraryTseng
@Tseng Added project.jsonSameer Pawar
Told ya, "Microsoft.AspNet.Cors": "6.0.0-rc1-final" That's an outdated package. "Microsoft.AspNetCore.Cors": "1.0.0"` is correct oneTseng

2 Answers

1
votes

You mixed up the dependencies.

"Microsoft.AspNet.Cors": "6.0.0-rc1-final"

is an very old version and results in your solution having loaded two different assemblies with the same namespace and types and compiler doesn't know which one to use.

Change it to

"Microsoft.AspNetCore.Cors": "1.0.0"

All Microsoft.AspNet.* packages are very old and shouldn't be used. They all got renamed to Microsoft.AspNetCore.* with RC2

0
votes

Asp.Net Documentation Says:

To setup CORS for your application add the Microsoft.AspNetCore.Cors package to your project. Add the CORS services in Startup.cs:

public void ConfigureServices(IServiceCollection services)
{
      services.AddCors();
}

To enable CORS for your entire application add the CORS middleware to your request pipeline using the UseCors extension method. Note that the CORS middleware must precede any defined endpoints in your app that you want to support cross-origin requests (ex. before any call to UseMvc ).

You can specify a cross-origin policy when adding the CORS middleware using the CorsPolicyBuilder class. call UseCors with a lambda:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
     loggerFactory.AddConsole();
     if (env.IsDevelopment())
     {
        app.UseDeveloperExceptionPage();
     }
     // Shows UseCors with CorsPolicyBuilder.
     app.UseCors(builder =>
     builder.WithOrigins("http://example.com").AllowAnyMethod().AllowAnyHeader());
     app.Run(async (context) =>
     {
          await context.Response.WriteAsync("Hello World!");
     });
 }