C# webapi Cors Option request in server returns error 404 not found

Question

I am facing cors issue with Options preflight request shows 404 not found. Tested this in my local environment and my settings works completely fine. But when i tried to implement this in an actual IIS server, the Options preflight request shows 404 not found. My api is created as a web api project.

i had tried to set a preflight request handler as suggested in other post but its still not working. Is there any specific reason that it works only in local?

This section shows the option request:

General

Request URL: http://api.domain.cc/api/Login
Request Method: OPTIONS
Status Code: 404 Not Found
Remote Address: 192.168.10.5:80
Referrer Policy: strict-origin-when-cross-origin

Response Headers:
HTTP/1.1 404 Not Found
Content-Type: text/html
X-Powered-By: ASP.NET
Server: Domain
Date: Tue, 30 Mar 2021 07:54:34 GMT
Content-Length: 1245

Request Headers:

OPTIONS /api/Login HTTP/1.1
Host: api.domain.cc
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: http://site.domain.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.90 Safari/537.36
Sec-Fetch-Mode: cors
Referer: http://site.domain.cc/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-TW;q=0.8,zh;q=0.7,zh-CN;q=0.6

I had setup my web.config as below:

<system.webServer>
      <handlers>
          <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
          <remove name="OPTIONSVerbHandler" />
          <remove name="TRACEVerbHandler" />
          <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
      </handlers>
    <validation validateIntegratedModeConfiguration="false" />
    <modules>
      <remove name="ApplicationInsightsWebTracking" />
      <add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" preCondition="managedHandler" />
    </modules>    
  </system.webServer>

My web api config is as follows:

        public static void Register(HttpConfiguration config)
        {

            // Web API configuration and services
            EnableCorsAttribute cors = new EnableCorsAttribute(
                                        origins: "http://site.domain.cc",
                                        headers: "*",
                                        methods: "GET, POST, DELETE, PUT, OPTIONS")
            {
                SupportsCredentials = true
            };
            config.EnableCors(cors);

            // Web API routes
            config.MapHttpAttributeRoutes();

            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );
        }

Code as text not images, please. As usual: we can't debug images. — Llama
For your information: stackoverflow.com/questions/25553855/… — Theobald Du
I had tried both the solutions in that post but it is still not working for me. Tried set Options verb to allowed in ISAPI filters with iisreset for my api site and add routing for options request but both not working either. — Lance

Filip Filip · Accepted Answer · 2021-03-30T11:43:21

Can you test your api controller first by setting allowed origins in your web config to "*"

If this also returns 404 not found then something else is the problem and not the CORS.

C# webapi Cors Option request in server returns error 404 not found

2 Answers