Last post Nov 22, 2013 12:48 PM by cathynn60
Nov 20, 2013 05:44 PM|cathynn60|LINK
I have a class library (dll) that contains a number of APIControllers that provide an MVC4 web api with support for a variety of GET,PUT,POST,DELETE requests. This same dll also includes a Hub class that provides a SignalR interface for real-time access
to some of the same data as it changes. I am focused on writing the server side (not the end client web app) and so I have been testing it mainly using the REST console (to test the web api calls) and also using a windows form application written in c# (that
can successfully call both the web api calls and the signalr interface). I have tested it on localhost and then deployed to another machine in my network (hosted in IIS7, deployed as an application under the Default Web Site) and all of that works fine for
what they have found is that they cannot access both the web api calls and the signalr interface. To work around their problem, they have deployed it twice with different settings to get one instance working for the web api calls and the other working for
On the server side, the Application_Start method configures the signalr hub connection with these lines:
var hubConfiguration = new HubConfiguration();
hubConfiguration.EnableCrossDomain = true;
hubConfiguration.EnableDetailedErrors = true;
As is, my web service works for signalr but fails on the web api calls with an error message “Failed to load resource: No Access-Control-Allow-Origin header is present on the requested resource. Origin ‘null’ is therefore not allowed access.” Adding the lines below to the system.webserver section of the web.config file gets the web api calls working but the signalr access then gives an error “The Access-Control-Allow-Origin contains an invalid ‘null, *’. Origin ‘null’ is therefore not allowed access.”
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET,PUT,POST,DELETE,OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Content-Type" />
Does anyone know what combination of things I need in server/client/IIS so that my web service will work for both the web api calls and the signalr calls when deployed on a remote machine in the same network?
Nov 21, 2013 03:17 PM|gustavo_armenta|LINK
read this article about how to enable cross domain requests on web api (http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api).
I think you should remove the <httpProtocol> section and replace it with something similar to:
public static void Register(HttpConfiguration config)
Nov 22, 2013 12:48 PM|cathynn60|LINK
Thanks! I removed the httpProtocol section, added the line above and added the EnableCors attribute on my controllers and got it working!
I did run into versioning problems when installing the Microsoft.AspNet.WebApi.Cors package. I had to first do an update-package on Microsoft.AspNet.WebApi to avoid having multiple versions in my packages.config file.
I appreciate your help.