So here is my Cors initialization code:
app.UseCors(builder =>
builder.AllowAnyMethod().AllowAnyHeader().AllowAnyOrigin());
And yet when I run PATCH I get the following error in Chrome 83:
Access to fetch at 'https://api-dev.myproject.com/api/mp' from origin 'https://users-dev.myproject.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Here is the code that is calling the api (from React):
const response = await fetch(API_URL() + `/mp`, {
method: 'PATCH',
body: `"${JSON.stringify(mpForm.values)}"`,
headers: {
Authorization: 'Bearer ' + apiToken,
'Content-type': 'application/json'
}
});
What could be going wrong here? Most API requests to this domain are just fine. It's just this one at the moment.
UPDATE
Just in case you are experiencing this exact issue, the root cause of this problem was the body line:
body: `"${JSON.stringify(mpForm.values)}"`,
and the issue was resolved by refactoring the API to work with a body like this instead:
body: JSON.stringify(mpForm.values),
The reason this was a problem was that the stringify function embedded double quotes in the return value, resulting in a string like this being passed:
'"{"foo":"bar"}"'
which then caused the CORS error.