asp.net-core – CORS blocking .netCore 3

Question:

Good morning, I created an API in .netCore 3 and did all the tests enabling CORS and with POSTMAN I had no problems, but when trying to access the API from another computer, I'm being blocked by CORS. At startup.cs, I enabled it to pass any request.

    public void ConfigureServices(IServiceCollection services)
    {

        services.AddCors(options =>
        {
            options.AddPolicy("CorsPolicy", builder => builder
                .AllowAnyOrigin()
                .AllowAnyMethod()
                .AllowAnyHeader());
        });
    }


public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            IdentityModelEventSource.ShowPII = true;
        }

        //app.UseHttpsRedirection();

        //app.UseCors(x => x.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader());
        app.UseCors("CorsPolicy");

        app.UseRouting();

        app.UseAuthentication();

        //app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllers();
        });
    }

e no request:

[ApiController]
[Route("api/configs")]    
public class ConfiguracaoController : ControllerBase
{
    //Get funciona sem problemas
    [HttpGet]
    [Route("")]
    public async Task<ActionResult<List<Configuracao>>> Get([FromServices] GeradorContext context)
    {
        var configs = await context.Configuracoes
            .AsNoTracking()
            .ToListAsync();
        return Ok(configs);
    }
    //PUT ou outro não
    [HttpPut("{Id}")]
    public async Task<ActionResult<Configuracao>> Put([FromServices] GeradorContext context, int id, [FromBody] Configuracao configuracao)
    {

        try
        {
            var configs = await context.Configuracoes
                .AsNoTracking()
              .FirstOrDefaultAsync(c => c.Id == id);

            if (configs == null) return NotFound();

            context.Update(configs);

            await context.SaveChangesAsync();

            return Created($"/api/configs/{configuracao.Id}", configuracao);

        }
        catch (DbUpdateConcurrencyException ex)
        {
            return this.StatusCode(StatusCodes.Status500InternalServerError, ex.ToString());
        }

    }


}

but I'm being blocked:

Access to XMLHttpRequest at 'http://192.168.0.24:8095/api/configs/2' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

This only does not happen in GET methods, for the others (PUT, POST, DELETE) it happens.

Answer:

Good afternoon, I solved the problem, I'll post here in case anyone has the same problem. In PUT, POST or DELETE operations it is necessary to disable the WebDavModule, for that I added the line below in the web.config:

            <system.webServer>
                <modules runAllManagedModulesForAllRequests="false">
                <remove name="WebDAVModule" />
                </modules>
            </system.webServer>
Scroll to Top