0
Spospisil created
-
ABP Framework version: v4.4.2
-
UI type: MVC
-
DB provider: EF Core
-
Tiered (MVC) or Identity Server Separated (Angular): yes
-
Exception message and stack trace:
-
Steps to reproduce the issue:"
I am trying to show an iFrame within the content area of the Lepton theme layout. I keep getting a cross-origin issue in my solutions "Web" (non public) project even though I have added the 'CorsOrigins' entry in the 'App' section of my appsettings.json file. Additionaly I have added the following block of code to my 'WebModule' code, but they browser is still giving me the 'blocked a frame with origin "xxxx" from accessing a cross-origin frame.
context.Services.AddCors(options =>
{
options.AddDefaultPolicy(builder =>
{
builder
.WithOrigins(
configuration["App:CorsOrigins"]
.Split(",", StringSplitOptions.RemoveEmptyEntries)
.Select(o => o.Trim().RemovePostFix("/"))
.ToArray()
)
.WithAbpExposedHeaders()
.SetIsOriginAllowedToAllowWildcardSubdomains()
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials();
});
});
1 Answer(s)
-
0
hi
I think this limitation has nothing to do with CORS, it is a browser limitation.
