Identityserver4.admin: SPA CORS Requests are Blocked
Hi,
First of all Thanks for Creating this awesome tool and making it Open Source 💯
When I Try use identityServer4 from SPA (Angular) application I got this error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:5000/.well-known/openid-configuration. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
I did some Research and found in the documentation that identity server needs to be configured to query allowed CORS origins.
which can be done by something like this : IdentityServer4.EntityFramework.Storage
yehia2amer
All 3 comments
Thanks! Could you provide a PR with proposed changes?
xmichaelx
on 27 Jan 2019
After Debugging I discovered that the "CorsPolicyService" is injected properly.
It was a simple mistake from me :(
In the Allowed Cors Origins I need to remove the last forward slash (/) to be : http://localhost:4200 not http://localhost:4200/ That's it !
Can we check that in the UI using this regex: .*[^\/]$ to ensure that users don't repeat the same mistake !
yehia2amer
on 28 Jan 2019
@yehia2amer - Thank you for your feedback, I will add this validation after creating/updating client.
skoruba
on 30 Jan 2019
Related issues
skoruba
·
4Comments
denisisack
·
4Comments
xmichaelx
·
4Comments
maythamfahmi
·
4Comments
ekjuanrejon
·
4Comments
Most helpful comment
After Debugging I discovered that the "CorsPolicyService" is injected properly.
It was a simple mistake from me :(
In the Allowed Cors Origins I need to remove the last forward slash (/) to be :
http://localhost:4200nothttp://localhost:4200/That's it !Can we check that in the UI using this regex:
.*[^\/]$to ensure that users don't repeat the same mistake !