Cors with SignalR - solving the "The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' error

I figured it out. While setting connection in client side I had to add

withCredentials

property to false

So the code looks like:

private startConnection(): void {
    this.connection.start({ withCredentials: false }).done((data: any) => {
        this.connectionEstablished.emit(true);
        this.connectionExists = true;
    }).fail((error: any) => this.connectionEstablished.emit(false));
}

This worked for me

    app.UseCors(config => config.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin().AllowCredentials());

Got to add the AllowCredentials option


As long as credentials security is used in your application you should specify domain(s) from which CORS requests may come to your server:

app.UseCors(config => config.WithOrigins("http://localhost:8080"));

Value of credentials security is greatly reduced if you're allowing CORS requests from any domain in the world. That is what error message telling us.