CORS policy don't want to work with SignalR and ASP.NET core
Note this can be applied to .net core 3.1
As it's stated on microsoft docs it seems doesn't work docs
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
// Preceding code ommitted.
app.UseRouting();
app.UseCors();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
// Following code ommited.
}
Warning
With endpoint routing, the CORS middleware must be configured to execute between the calls to UseRouting and UseEndpoints. Incorrect configuration will cause the middleware to stop functioning correctly.
But if you move your UseCors() in the first place your application will work as expected so the working code will be
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
options.AddDefaultPolicy(builder => builder.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod()));
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
//place your useCors here
app.UseCors();
app.UseRouting();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
// Following code ommited.
}
The accepted answer did not work for me so I decided to put down here what worked for me. In case someone stumbles across the same issue.
I was facing same issue in my local testing while playing around with signalR on Angular 9.
I solved it by switching my Asp NET Core (3.1) app URL from https to http. if you are using Visual Studio,
- just right click on project properties -> Debug.
- Uncheck Enable SSL
Also do not forget to change the port on your URL in angular App. So basically URL in angular app will be something like this
this.hubConnection = new signalR.HubConnectionBuilder()
.withUrl("http://localhost:50782/hub").build();
whereas the relevant code in Configure method is something like this
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseCors("_myAllowSpecificOrigins");
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
endpoints.MapHub<ChatHub>("/hub");
});
and in your configureServices method I had following
services.AddRazorPages();
services.AddCors(options =>
{
options.AddPolicy("_myAllowSpecificOrigins",
builder =>
{
builder.WithOrigins("https://localhost:4200")
.AllowAnyHeader()
.AllowAnyMethod()
.SetIsOriginAllowed((x) => true)
.AllowCredentials();
});
});
services.AddSignalR();
Hope this helps !
UPDATE
if you are just playing around with samples on your local machine you can also try to run chrome in security mode as mentioned here
on my mac I just simply ran command from terminal
open -n -a /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --args --user-data-dir="/tmp/chrome_dev_test" --disable-web-security
With this you should be able to run your sample without CORS bothering
try something like this in your startup configuration class:
app.Map("/CoordinatorHub/negotiate", map =>
{
map.UseCors(CorsOptions.AllowAll);
var hubConfiguration = new HubConfiguration
{
// You can enable JSONP by uncommenting line below.
// EnableDetailedErrors = true,
// EnableJSONP = true
};
map.RunSignalR(hubConfiguration);
});