SignalR cross-domain connections with self-hosting and authentication

Question

I have a CORS problem when self-hosting SignalR with OWIN, which only happens when I try to enable authentication.

The error I get in my web browser is:

Answer 1

I presume you're using Chrome, which very unhelpfully tells you that these headers are missing and that this is the problem, when actually you have probably just forgot to set your XMLHttpRequest's withCredentials property to true.

If you're using jQuery you can do this for all requests with:

$.ajaxPrefilter(function (options, originalOptions, jqXHR) {
  options.xhrFields = { withCredentials: true };
});

You also need to do the right thing with OPTIONS requests as in the other answer.