I've come across a unique issue that I was wondering if someone can point me in the right direction for some online help.
I have a local IIS Server that I host websites on and this is the issue:
My React HTTPS website ("Website A") make a fetch call to a .NET Core REST API endpoint ("REST API B") on the same server. This all works fine while I am developing, everything makes the correct connections, data is obtained, etc... but as soon as a "public" request come in, the React website does not make the call to the endpoint (the website is displayed absent data).
My REST API is set up for CORS and does include the orgin(s) for the website that is making the fetch call.
I am uncertain where the issue is happening. I believe the preflight "handshake" is passing, but I may not have all the CORS set up correctly in the program.cs
I have read about these headers. I believe the Chrome "preflight" adds the following header: Access-Control-Request-Method: GET
In the RestAPI, I added this to the response header: Access-Control-Request-Private-Network: true
I am at a loss if there are any other CORS settings I may need to add in order for the call to work from the React website "fetch" to the Res API endpoint?
I was wondering if someone may have any advice (or samples/examples), or can point me to any examples on the internet that I can implement. I feel I am close, but just missing something and I a little nudge will put me in the correct direction! Thanks
Julien
I have HTTPS and the SSL Cert installed. Everything works fine while developing. It's when a public request comes to the IIS Server, it hits the HTTPS site, loads it, states it's "secure", but the "fetch" call to the Rest API does not seem to be working at this point. I need help figuring out the "Private Network Access" headers and how it works
