Enable CORS in IIS 8.5 applicationTroubleshooting Windows Authentication problems (no challenge) in IIS 7.5?Which credentials are used when browsing a directory through IISWhy do we get a sudden spike in response times?IIS 8.5: Enable server for anonymous PUT http verbIIS 8.5 Manager: Application Pools and Sites nodes missingIIS ARR/Reverse Proxy 502 Errors for Larger FilesIIS 8.5 cold startHow to remotely recycle an application pool of IIS 8.5?URL Rewrite in IIS 8.5 HTTPS to HTTPS end in gateway eroorAccess Remote Shared Path from IIS 8.5
How strong are Wi-Fi signals?
When and what was the first 3D acceleration device ever released?
If a person had control of every single cell of their body, would they be able to transform into another creature?
Would Brexit have gone ahead by now if Gina Miller had not forced the Government to involve Parliament?
the meaning of 'carry' in a novel
Simple fuzz pedal using breadboard
How to know if a folder is a symbolic link?
I unknowingly submitted plagarised work
Were pens caps holes designed to prevent death by suffocation if swallowed?
Which is the common name of Mind Flayers?
Is CD audio quality good enough?
Line of lights moving in a straight line , with a few following
How to pull out the underlying query syntax being used by dataset?
Does the unit of measure matter when you are solving for the diameter of a circumference?
Ticket to ride, 1910: What are the big cities
Is the Indo-European language family made up?
Why is this Simple Puzzle impossible to solve?
What was the idiom for something that we take without a doubt?
Compactness of finite sets
In general, would I need to season a meat when making a sauce?
Flying domestically in the US, is my State Issued ID all I need to get past security?
What is memelemum?
Why doesn't the Earth accelerate towards the Moon?
Would jet fuel for an F-16 or F-35 be producible during WW2?
Enable CORS in IIS 8.5 application
Troubleshooting Windows Authentication problems (no challenge) in IIS 7.5?Which credentials are used when browsing a directory through IISWhy do we get a sudden spike in response times?IIS 8.5: Enable server for anonymous PUT http verbIIS 8.5 Manager: Application Pools and Sites nodes missingIIS ARR/Reverse Proxy 502 Errors for Larger FilesIIS 8.5 cold startHow to remotely recycle an application pool of IIS 8.5?URL Rewrite in IIS 8.5 HTTPS to HTTPS end in gateway eroorAccess Remote Shared Path from IIS 8.5
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
We have a ERP application (Epicor) which provides a REST interface sitting inside of an II 8.5 (win server 2012R2).
No problem doing POST/GET etc using Insomina (a desktop program similar to PostMan)
In IIS we have enabled only Anonymous Authentication.
However, the below request is getting a 401 Error and is blocking because of CORS (even though it has 'Access-Control-Allow-Origin':'*', )
We are using Chrome V74
const fetcher = (async () =>
const url = 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum'
const raw = fetch(url,
method: 'POST',
mode: 'cors',
headers:
'Accept': 'application/json',
'Authorization': 'Basic xxxxxxx=',
'Access-Control-Allow-Origin':'*',
'Content-Type': 'application/json'
,
body: JSON.stringify()
)
console.log(raw)
const nJob = await raw.json()
console.log(nJob)
return nJob
)
Here is the error:
VM1115:1 OPTIONS https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum 401 (Forbidden)
dispatchInteractiveEvent @ Main.7485fc72.js:8458
Main.html:1 Access to fetch at 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
What settings should we be using on IIS to allow the CORS request to go through?
UPDATE
We got I.T. to add the cors module, and I updated the the section of the web.config but I am still getting an CORS error. Can you tell me what is wrong here?
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
<cors enabled="true" failUnlistedOrigins="false">
</cors>
This is the error:
`Access to fetch at 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum' from origin 'http://ysg4206.draper.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.`
iis
asked May 13 at 18:44
Dr.YSGDr.YSG
514
add a comment |
We have a ERP application (Epicor) which provides a REST interface sitting inside of an II 8.5 (win server 2012R2).
No problem doing POST/GET etc using Insomina (a desktop program similar to PostMan)
In IIS we have enabled only Anonymous Authentication.
However, the below request is getting a 401 Error and is blocking because of CORS (even though it has 'Access-Control-Allow-Origin':'*', )
We are using Chrome V74
const fetcher = (async () =>
const url = 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum'
const raw = fetch(url,
method: 'POST',
mode: 'cors',
headers:
'Accept': 'application/json',
'Authorization': 'Basic xxxxxxx=',
'Access-Control-Allow-Origin':'*',
'Content-Type': 'application/json'
,
body: JSON.stringify()
)
console.log(raw)
const nJob = await raw.json()
console.log(nJob)
return nJob
)
Here is the error:
VM1115:1 OPTIONS https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum 401 (Forbidden)
dispatchInteractiveEvent @ Main.7485fc72.js:8458
Main.html:1 Access to fetch at 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
What settings should we be using on IIS to allow the CORS request to go through?
UPDATE
We got I.T. to add the cors module, and I updated the the section of the web.config but I am still getting an CORS error. Can you tell me what is wrong here?
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
<cors enabled="true" failUnlistedOrigins="false">
</cors>
This is the error:
`Access to fetch at 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum' from origin 'http://ysg4206.draper.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.`
iis
asked May 13 at 18:44
Dr.YSGDr.YSG
514
iis.net/downloads/microsoft/iis-cors-module
– Lex Li
May 14 at 2:15
@LexLi see update.
– Dr.YSG
May 15 at 19:33
If you dig further into its configuration you should see docs.microsoft.com/en-us/iis/extensions/cors-module/…
– Lex Li
May 15 at 20:07
add a comment |
We have a ERP application (Epicor) which provides a REST interface sitting inside of an II 8.5 (win server 2012R2).
No problem doing POST/GET etc using Insomina (a desktop program similar to PostMan)
In IIS we have enabled only Anonymous Authentication.
However, the below request is getting a 401 Error and is blocking because of CORS (even though it has 'Access-Control-Allow-Origin':'*', )
We are using Chrome V74
const fetcher = (async () =>
const url = 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum'
const raw = fetch(url,
method: 'POST',
mode: 'cors',
headers:
'Accept': 'application/json',
'Authorization': 'Basic xxxxxxx=',
'Access-Control-Allow-Origin':'*',
'Content-Type': 'application/json'
,
body: JSON.stringify()
)
console.log(raw)
const nJob = await raw.json()
console.log(nJob)
return nJob
)
Here is the error:
VM1115:1 OPTIONS https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum 401 (Forbidden)
dispatchInteractiveEvent @ Main.7485fc72.js:8458
Main.html:1 Access to fetch at 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
What settings should we be using on IIS to allow the CORS request to go through?
UPDATE
We got I.T. to add the cors module, and I updated the the section of the web.config but I am still getting an CORS error. Can you tell me what is wrong here?
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
<cors enabled="true" failUnlistedOrigins="false">
</cors>
This is the error:
`Access to fetch at 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum' from origin 'http://ysg4206.draper.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.`
iis
asked May 13 at 18:44
Dr.YSGDr.YSG
514
We have a ERP application (Epicor) which provides a REST interface sitting inside of an II 8.5 (win server 2012R2).
No problem doing POST/GET etc using Insomina (a desktop program similar to PostMan)
In IIS we have enabled only Anonymous Authentication.
However, the below request is getting a 401 Error and is blocking because of CORS (even though it has 'Access-Control-Allow-Origin':'*', )
We are using Chrome V74
const fetcher = (async () =>
const url = 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum'
const raw = fetch(url,
method: 'POST',
mode: 'cors',
headers:
'Accept': 'application/json',
'Authorization': 'Basic xxxxxxx=',
'Access-Control-Allow-Origin':'*',
'Content-Type': 'application/json'
,
body: JSON.stringify()
)
console.log(raw)
const nJob = await raw.json()
console.log(nJob)
return nJob
)
Here is the error:
VM1115:1 OPTIONS https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum 401 (Forbidden)
dispatchInteractiveEvent @ Main.7485fc72.js:8458
Main.html:1 Access to fetch at 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
What settings should we be using on IIS to allow the CORS request to go through?
UPDATE
We got I.T. to add the cors module, and I updated the the section of the web.config but I am still getting an CORS error. Can you tell me what is wrong here?
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
<cors enabled="true" failUnlistedOrigins="false">
</cors>
This is the error:
`Access to fetch at 'https://epicorapp2.draper.com/ERP10.1Test/api/v1/Erp.BO.JobEntrySvc/GetNextJobNum' from origin 'http://ysg4206.draper.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.`
iis
iis
asked May 13 at 18:44
Dr.YSGDr.YSG
514
asked May 13 at 18:44
Dr.YSGDr.YSG
514
edited May 15 at 19:34
Dr.YSG
asked May 13 at 18:44
Dr.YSGDr.YSG
514
asked May 13 at 18:44
Dr.YSGDr.YSG
514
asked May 13 at 18:44
Dr.YSGDr.YSG
514
514
iis.net/downloads/microsoft/iis-cors-module
– Lex Li
May 14 at 2:15
@LexLi see update.
– Dr.YSG
May 15 at 19:33
If you dig further into its configuration you should see docs.microsoft.com/en-us/iis/extensions/cors-module/…
– Lex Li
May 15 at 20:07
add a comment |
iis.net/downloads/microsoft/iis-cors-module
– Lex Li
May 14 at 2:15
@LexLi see update.
– Dr.YSG
May 15 at 19:33
If you dig further into its configuration you should see docs.microsoft.com/en-us/iis/extensions/cors-module/…
– Lex Li
May 15 at 20:07
iis.net/downloads/microsoft/iis-cors-module
– Lex Li
May 14 at 2:15
iis.net/downloads/microsoft/iis-cors-module
– Lex Li
May 14 at 2:15
@LexLi see update.
– Dr.YSG
May 15 at 19:33
@LexLi see update.
– Dr.YSG
May 15 at 19:33
If you dig further into its configuration you should see docs.microsoft.com/en-us/iis/extensions/cors-module/…
– Lex Li
May 15 at 20:07
If you dig further into its configuration you should see docs.microsoft.com/en-us/iis/extensions/cors-module/…
– Lex Li
May 15 at 20:07
add a comment |
1 Answer
1
active
oldest
votes
So you have a couple of problems
The first is that your request is not returning a HTTP 200 OK status (the system your calling). this is a problem with the fetch API it does not support any none 200 status code responses. (fix is to switch to using XMLHttpRequest commonly known as AJAX), you can test this using an application such as Advanced Rest Client and making the request from in there to see what status code it is giving back.
The second you need to tell it GET & OPTIONS requests are allowed with access-control-allow-methods:GET,OPTIONS header. (OPTIONS is what the CORS check uses to do its checks)
The third problem is that your no longer allowed to use the * as a valid Origin you have to supply the origin of the calling system, in this case, the site running the javascript. so this would require your 'IT Department' to engineer the code to use the referer header to know the host and port they need to supply in that header it can be done by a web.config file if they are able to hard code the hostname and port of the calling site.
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="example.com,example.com:8080" />
<add name="Access-Control-Allow-Method" value="GET, OPTIONS" />
</customHeaders>
</httpProtocol>
The example above shows both using a standard port of 80 or HTTPS port of 443, and an example of a custom port of 8080
The fourth problem is that the CORS headers are not sent by Javascript I slightly covered this in the third point but your Javascript should not send the headers and to do so will do nothing. The server or website your connecting to has to send the headers as you enabling of the CORS module shows you.
answered May 21 at 23:54
Martin BarkerMartin Barker
226115
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f967086%2fenable-cors-in-iis-8-5-application%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
So you have a couple of problems
The first is that your request is not returning a HTTP 200 OK status (the system your calling). this is a problem with the fetch API it does not support any none 200 status code responses. (fix is to switch to using XMLHttpRequest commonly known as AJAX), you can test this using an application such as Advanced Rest Client and making the request from in there to see what status code it is giving back.
The second you need to tell it GET & OPTIONS requests are allowed with access-control-allow-methods:GET,OPTIONS header. (OPTIONS is what the CORS check uses to do its checks)
The third problem is that your no longer allowed to use the * as a valid Origin you have to supply the origin of the calling system, in this case, the site running the javascript. so this would require your 'IT Department' to engineer the code to use the referer header to know the host and port they need to supply in that header it can be done by a web.config file if they are able to hard code the hostname and port of the calling site.
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="example.com,example.com:8080" />
<add name="Access-Control-Allow-Method" value="GET, OPTIONS" />
</customHeaders>
</httpProtocol>
The example above shows both using a standard port of 80 or HTTPS port of 443, and an example of a custom port of 8080
The fourth problem is that the CORS headers are not sent by Javascript I slightly covered this in the third point but your Javascript should not send the headers and to do so will do nothing. The server or website your connecting to has to send the headers as you enabling of the CORS module shows you.
answered May 21 at 23:54
Martin BarkerMartin Barker
226115
add a comment |
So you have a couple of problems
The first is that your request is not returning a HTTP 200 OK status (the system your calling). this is a problem with the fetch API it does not support any none 200 status code responses. (fix is to switch to using XMLHttpRequest commonly known as AJAX), you can test this using an application such as Advanced Rest Client and making the request from in there to see what status code it is giving back.
The second you need to tell it GET & OPTIONS requests are allowed with access-control-allow-methods:GET,OPTIONS header. (OPTIONS is what the CORS check uses to do its checks)
The third problem is that your no longer allowed to use the * as a valid Origin you have to supply the origin of the calling system, in this case, the site running the javascript. so this would require your 'IT Department' to engineer the code to use the referer header to know the host and port they need to supply in that header it can be done by a web.config file if they are able to hard code the hostname and port of the calling site.
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="example.com,example.com:8080" />
<add name="Access-Control-Allow-Method" value="GET, OPTIONS" />
</customHeaders>
</httpProtocol>
The example above shows both using a standard port of 80 or HTTPS port of 443, and an example of a custom port of 8080
The fourth problem is that the CORS headers are not sent by Javascript I slightly covered this in the third point but your Javascript should not send the headers and to do so will do nothing. The server or website your connecting to has to send the headers as you enabling of the CORS module shows you.
answered May 21 at 23:54
Martin BarkerMartin Barker
226115
add a comment |
So you have a couple of problems
The first is that your request is not returning a HTTP 200 OK status (the system your calling). this is a problem with the fetch API it does not support any none 200 status code responses. (fix is to switch to using XMLHttpRequest commonly known as AJAX), you can test this using an application such as Advanced Rest Client and making the request from in there to see what status code it is giving back.
The second you need to tell it GET & OPTIONS requests are allowed with access-control-allow-methods:GET,OPTIONS header. (OPTIONS is what the CORS check uses to do its checks)
The third problem is that your no longer allowed to use the * as a valid Origin you have to supply the origin of the calling system, in this case, the site running the javascript. so this would require your 'IT Department' to engineer the code to use the referer header to know the host and port they need to supply in that header it can be done by a web.config file if they are able to hard code the hostname and port of the calling site.
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="example.com,example.com:8080" />
<add name="Access-Control-Allow-Method" value="GET, OPTIONS" />
</customHeaders>
</httpProtocol>
The example above shows both using a standard port of 80 or HTTPS port of 443, and an example of a custom port of 8080
The fourth problem is that the CORS headers are not sent by Javascript I slightly covered this in the third point but your Javascript should not send the headers and to do so will do nothing. The server or website your connecting to has to send the headers as you enabling of the CORS module shows you.
answered May 21 at 23:54
Martin BarkerMartin Barker
226115
So you have a couple of problems
The first is that your request is not returning a HTTP 200 OK status (the system your calling). this is a problem with the fetch API it does not support any none 200 status code responses. (fix is to switch to using XMLHttpRequest commonly known as AJAX), you can test this using an application such as Advanced Rest Client and making the request from in there to see what status code it is giving back.
The second you need to tell it GET & OPTIONS requests are allowed with access-control-allow-methods:GET,OPTIONS header. (OPTIONS is what the CORS check uses to do its checks)
The third problem is that your no longer allowed to use the * as a valid Origin you have to supply the origin of the calling system, in this case, the site running the javascript. so this would require your 'IT Department' to engineer the code to use the referer header to know the host and port they need to supply in that header it can be done by a web.config file if they are able to hard code the hostname and port of the calling site.
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="example.com,example.com:8080" />
<add name="Access-Control-Allow-Method" value="GET, OPTIONS" />
</customHeaders>
</httpProtocol>
The example above shows both using a standard port of 80 or HTTPS port of 443, and an example of a custom port of 8080
The fourth problem is that the CORS headers are not sent by Javascript I slightly covered this in the third point but your Javascript should not send the headers and to do so will do nothing. The server or website your connecting to has to send the headers as you enabling of the CORS module shows you.
answered May 21 at 23:54
Martin BarkerMartin Barker
226115
edited May 22 at 0:05
answered May 21 at 23:54
Martin BarkerMartin Barker
226115
answered May 21 at 23:54
Martin BarkerMartin Barker
226115
answered May 21 at 23:54
Martin BarkerMartin Barker
226115
226115
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f967086%2fenable-cors-in-iis-8-5-application%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
iis.net/downloads/microsoft/iis-cors-module
– Lex Li
May 14 at 2:15
@LexLi see update.
– Dr.YSG
May 15 at 19:33
If you dig further into its configuration you should see docs.microsoft.com/en-us/iis/extensions/cors-module/…
– Lex Li
May 15 at 20:07