1

I have two separate projects

http://www.local.mysite.com (mvc websites) http://api.mysite.com (webapi)

I'd like to avoid using CORS, (currently required for my web ajax calls) (as they are across origin).

So could I in theory, host the webapi under the same domain, using a suffix:

http://www.local.mysite.com/api ? (with an IIS binding to this for the api)

Would this work? My concern is the Mvc website will intercept the requests also, or that maybe it is a bit dodgey.

williamsandonz
  • 15,864
  • 23
  • 100
  • 186
  • 1
    Ok through research I've discovered these questions pretty much answer it. You can use an IIS sub application to acheive this. (http://stackoverflow.com/questions/4747576/sub-website-in-iis-asp-net) However there are issues with web.config inheritance and the like – williamsandonz Dec 24 '13 at 21:03

1 Answers1

-1

CORS is involved when you're making Ajax call cross-origin. Origin is defined by 1) host, 2) port, and 3) protocol.

Here's a good article that discusses the protocol:

http://msdn.microsoft.com/en-us/magazine/dn532203.aspx

Brock Allen
  • 7,385
  • 19
  • 24
  • I know what CORS is (it's in my question), I'd like to avoid using it to save on performance :-) As I can in theory host it under the same domain, but it is it's own separate project you see? So I need two projects under the same domain, whereby only the webapi project responds to /api requests. – williamsandonz Dec 24 '13 at 20:57
  • The point was that if you did setup the app beneath the same origin then you'd not involve CORS (given the definition of cross origin). – Brock Allen Dec 26 '13 at 16:02