问题
I have implemented CORS in web API by using Cors library.
[EnableCors(origins: "*", headers: "*", methods: "*")]
and in webapi config file
config.EnableCors();
I called api using POST method, still I was getting error in console i:e No 'Access-Control-Allow-Origin' header is present on the requested resource.
Then I changed
[EnableCors(origins: "*", headers: "*", methods: "*")]
To
[EnableCors(origins: "*", headers: "*", methods: "GET, POST, PUT, DELETE, OPTIONS")]
Then its started working, my question why it doesn't work with allowed methods using "*"
回答1:
The wildcard for Access-Control-Allow-Methods is not yet supported by all browsers.
- Chromium-based browsers should support it (issue 615313)
- Firefox does not yet support it (bug 1309358)
- IE probably doesn't support it and Edge possibly does not support it yet. Edge is moving to the Chromium engine in the future, so they'll support it at some point.
Browser support is also tracked by MDN here, so future readers may want to check that too in case this answer becomes outdated.
来源:https://stackoverflow.com/questions/56577232/which-http-methods-allowed-in-when-enabling-cors-in-web-api