0

Edit: Realized my mistake. "Access-Control-Allow-Request-Headers" should be "Access-Control-Allow-Headers"

I am trying to use a get api with a header, but I keep getting Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response.

I am using angular2 and calling a webapi using asp.net on an iis10 server

I edited my IIS10 already, and I edited the web.config... What else can I do? enter image description here

enter image description here enter image description here

Improve this question

2 Answers 2

Reset to default
1

The error message talks about a header named Access-Control-Allow-Headers while you set the Access-Control-Allow-Request-Headers in the config file.

I'd also suggest considering moving the CORS configuration in the Web API config as it's a matter related to your application.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

*sigh.. "Access-Control-Allow-Request-Headers" should really be

"Access-Control-Allow-Headers"

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.