Enable CORS for any port on localhost
ASP.NET Core's SetIsOriginAllowed
method gives you full control over whether or not an origin is allowed to participate in CORS. Here's an example based on your code sample:
if(_environment.IsDevelopment())
{
options.AddDefaultPolicy(builder =>
{
builder.SetIsOriginAllowed(origin => new Uri(origin).Host == "localhost");
});
}
else
{
// ...
}
The origin
value passed in to the SetIsOriginAllowed
delegate is the full origin, which looks something like http://localhost:8080
. Using Uri
, the code above compares the Host
against localhost
, which ends up allowing all localhost
origins.