The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'

Question

I'm working on an app, my server run on Azure platform as Api App, i want to use signalR i get this error

XMLHttpRequest cannot load http://sitename.net/signalr/negotiate?clientProtocol=1.5&connectionData=%5B%5D&_=1501957673711. The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. Origin 'http://localhost:35609' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

Im my server im using owin startup, and here is the config

 app.Map("/signalr", map =>
        {
            map.UseCors(CorsOptions.AllowAll);
            var hubConfiguration = new HubConfiguration {};
            hubConfiguration.EnableJSONP = true;
            map.RunSignalR(hubConfiguration);

        });

and in my webConfig i tried this

var cors = new EnableCorsAttribute("*", "*", "*")
        {
            SupportsCredentials = true
        };
        config.EnableCors(cors);

But it doesn't solve the error. If any one has an idea what im missing please help.. Thanks

in my client im using angularjs like this

 var connection = null;
this.initialize = function () {
    connection = $.hubConnection("http://name.azurewebsites.net/signalr"{ useDefaultPath: false });
    this.proxy = connection.createHubProxy('myHub');
   connection.start().done(function () {
        console.log("started");
    }).fail(function (result) {
        console.log(result);
    });
};

And in my azure api app i have added my local domain to the allowed CORS. i can do other things but i cant use signalR

Possible duplicate of ['Access-Control-Allow-Credentials' header in the response is '' which must be 'true'](https://stackoverflow.com/questions/43772830/access-control-allow-credentials-header-in-the-response-is-which-must-be-t) — Brian, Aug 05 '17 at 19:03
Yes its the same, but its in Nodejs and i don't know how to read Nodejs, how can i make that useful in my solution... — Siphamandla Hero Ngwenya, Aug 05 '17 at 19:44
CORS together with Access-Control-Allow-Credentials header can only be added through code and ensure that CORS setting in Azure Portal is not used because it overrides the setting done in code. For detail please check https://stackoverflow.com/questions/36860423/enable-access-control-allow-credentials-header-in-azure-website-azure-app-servi — shifatullah, Sep 28 '17 at 21:33

score 0 · Answer 1 · answered Aug 07 '17 at 08:26

0

We could set the CORS for Azure App Service from Azure portal. More detail info please refer to How to configure CORS in Azure App Service.

App Service offers built-in support for Cross Origin Resource Sharing (CORS), which enables JavaScript clients to make cross-domain calls to APIs that are hosted in API apps

Screenshot from the document:

answered Aug 07 '17 at 08:26

Tom Sun - MSFT

22,436
3
23
40

i already have that in my api app settings, i get this error when im using signalr. im getting the error in angularjs – Siphamandla Hero Ngwenya Aug 08 '17 at 01:28
Please have a try to set CORS from azure portal to check whether there is any difference. – Tom Sun - MSFT Aug 08 '17 at 01:30
my api and local host works fine, i have set my cors in the portal, but when i try to access signalr thats where i get the cors error.. i will check if i have implemented signalr correctly. – Siphamandla Hero Ngwenya Aug 08 '17 at 02:14

The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'

1 Answers1