Last post Apr 01, 2016 12:09 PM by mataro777
Mar 16, 2016 08:55 AM|JohnHermsen|LINK
I've seen quite some posts about this online, but no answers, plans or timelines for implementation.
On the ajax.aspnetcdn.com there is no header for Access-Control-Allow-Origin.
So quite some browsers have issues and report problems using this CDN.
For example this stack overflow post: http://stackoverflow.com/questions/31955335/aspnetcdn-bootstrap-graphicons-not-working
Will this be changed or should we stop using this CDN?
Mar 16, 2016 03:04 PM|tmorton|LINK
Thanks for the report. I've raised the question to the ASP.NET team.
Mar 16, 2016 04:28 PM|rustd|LINK
The ASP.NET CDN was updated recently to add CORS so you can use Bootstrap glyphicons. You might have to clear your Cache to get the new files.
Mar 21, 2016 07:28 AM|JohnHermsen|LINK
Thanks for the responses, but just tried it with Fiddler used browser to check the page copied the headers and added the Origin header.
Stil no Access-Control-Allow-Origin header in the response. Also tried same header to googleapis.com and then I do get the Access Control headers os the headers seem correct.
Here is a screenshot from Fiddler.
Mar 23, 2016 04:39 PM|rustd|LINK
Can you please the Bootstrap JS/CSS resources? http://www.asp.net/ajax/cdn#Bootstrap_Releases_on_the_CDN_14
Mar 24, 2016 08:33 AM|JohnHermsen|LINK
Not quite sure what I need to check.
The first post was only an example of one that I found online as I didn't have a screenshot.
I'm using several scriptsfiles which I want to take from the ajax.aspnetcdn.com, like jquery, jquery.validate,
Mar 24, 2016 02:03 PM|JohnHermsen|LINK
I found the problem to be a bit different.
I started the site using the boilerplate template at http://rehansaeed.com/asp-net-mvc-boilerplate/
And I noticed he mentioned a known issue with the SRI tag for the microsoft CDN on
So for now I removed the SRI check and I don't get the notice about missing headers.
Apr 01, 2016 12:09 PM|mataro777|LINK
I'm sorry to chain here.
This URL doesn't have Access-Control-Allow-Origin from few hours ago.
This URL has Access-Control-Allow-Origin.
I guess.. it was changed today.