The CORS error occurred on SignalR negotiation phase

Question

I have the following error in Console after migration from Asp.net core 2.2 to 3.1

Access to XMLHttpRequest at 'someuri/negotiate?negotiateVersion=1' from 
origin 'http://localhost:4208' 
has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested 
resource.

And the following SignalR configuration:

app.UseCors(Constants.Policy);
app.UseAuthentication();

app.UseEndpoints(
          endpoints =>
          {
             endpoints.MapHub<SomeHub>("/ws/someuri");
          });

I've added the following policy:

options.AddPolicy(Constants.Policy,
                    p => 
                        p.AllowAnyHeader()
                       .AllowAnyMethod()
                       .AllowCredentials()
                       .WithOrigins("http://localhost:4208"));

But it didn't help.

Kiril1512 · Answer 1 · 2020-03-27T14:31:26.970

0

You should configure the CORS this way and the order is important!

On your configure method:

public override void Configure(IApplicationBuilder app, HostConfiguration hostConfiguration, ILogger<Startup> logger)
{
    base.Configure(app, hostConfiguration, logger);

    app.UseWebSockets();

    app.UseCors(CorsPolicy); // first configure CORS, then map Hub

    app.UseEndpoints(endpoints =>
    {
        endpoints.MapHub<SomeHub>("/someuri");
    });
}

Then when adding CORS:

/// <summary>
/// Adds the CORS.
/// </summary>
private void AddCors(IServiceCollection services)
{
    services.AddCors(options =>
    {
        options.AddPolicy(CorsPolicy, builder => builder.WithOrigins("http://localhost:4208")
            .AllowAnyHeader()
            .AllowAnyMethod()
            .AllowCredentials()
            .SetIsOriginAllowed((host) => true));
    });
}

You can see more detailed answer here.

edited Mar 27 '20 at 14:31

answered Mar 27 '20 at 12:08

Kiril1512

3,231
3
16
41

1

Thanks, I will try, but should I update Angular SignalR package ?? – Vladyslav Furdak Mar 27 '20 at 12:09
1

@VladislavFurdak the client package was migrated from ```@aspnet/signalr``` to ```@microsoft/signalr``` so you should upgrade the package to version 3.1.3: https://www.npmjs.com/package/@microsoft/signalr – Kiril1512 Mar 27 '20 at 12:10
Then remove the ```ws``` from the uri. – Kiril1512 Mar 27 '20 at 14:30
Also please add you angular code how you connect to the server. – Kiril1512 Mar 27 '20 at 14:31
I found that context.Request.Query["access_token"] returns NULL after migration from 2.2 to 3.1 – Vladyslav Furdak Mar 30 '20 at 20:15
1

How you pass the token on client side? Did you have authorization atribute? As I said before, please add your client side code. – Kiril1512 Mar 31 '20 at 15:57
connection = new HubConnectionBuilder() .withUrl(this.url, { accessTokenFactory: () => this.token }) .withAutomaticReconnect(new RetryPolicy()) .build(); – Vladyslav Furdak Apr 01 '20 at 08:01

The CORS error occurred on SignalR negotiation phase

1 Answers1