I can't remember how many of these elements are there by default when you install Umbraco 7.1.8, so httpProtocoland customHeaders may already be there - so make sure to not add them twice.
A downside with this approach is that it will apply to all responses.
2.
You can add the header manually. Eg. something like:
This may not work depending how your controller is implemented. Accessing the HTTP context via the static Current property should also generally be avoided, but it is sometimes just the hack you need to get things working.
If you add this in the start of your controller method, it will only apply to responses from that particular method.
3.
Personally I prefer to put an attribute in the controller class or method. In SPA/Headless package, we have this useful attribute:
With this attribute, usage could be something like:
using System.Web.Http;
using Umbraco.Web.WebApi;
[AccessControlAllowOrigin]
public class MyController : UmbracoApiController {
[HttpGet]
public object Update() {
return new { yay = true };
}
}
Or:
using System.Web.Http;
using Umbraco.Web.WebApi;
public class MyController : UmbracoApiController {
[HttpGet]
[AccessControlAllowOrigin]
public object Update() {
return new { yay = true };
}
}
In the first example where the attribute is added to the class, the header will automatically be added to responses from all the methods in your controller class.
In the second example, the attribute is instead added to the method, so the header will only be added to responses from that particular method.
There are some other approaches as well, but without having seen your code, these are the ones that come to mind. I would recommend the third approach as it IMO gives the cleanest code and best flexibility.
CORS in Umbraco 7.1.8
I'm trying to enable CORS with Umbraco 7.1.8
Is it possible to make it work without Upgrading Umbraco to 7.3?
In 7.3 MVC5 and webAPI2
Thanks,
Alex
Hi Alex,
It this for your own custom WebAPI controllers? Then there are a couple of options that should do the trick.
1. In the
system.webServersection of your main Web.config file, you can add the following:I can't remember how many of these elements are there by default when you install Umbraco 7.1.8, so
httpProtocolandcustomHeadersmay already be there - so make sure to not add them twice.A downside with this approach is that it will apply to all responses.
2. You can add the header manually. Eg. something like:
This may not work depending how your controller is implemented. Accessing the HTTP context via the static
Currentproperty should also generally be avoided, but it is sometimes just the hack you need to get things working.If you add this in the start of your controller method, it will only apply to responses from that particular method.
3. Personally I prefer to put an attribute in the controller class or method. In SPA/Headless package, we have this useful attribute:
https://github.com/skybrud/Skybrud.Umbraco.Spa/blob/master/src/Skybrud.Umbraco.Spa/Attributes/AccessControlAllowOriginAttribute.cs
With this attribute, usage could be something like:
Or:
In the first example where the attribute is added to the class, the header will automatically be added to responses from all the methods in your controller class.
In the second example, the attribute is instead added to the method, so the header will only be added to responses from that particular method.
There are some other approaches as well, but without having seen your code, these are the ones that come to mind. I would recommend the third approach as it IMO gives the cleanest code and best flexibility.
is working on a reply...