diff --git a/samples/README.md.LOCAL.87076.md b/samples/README.md.LOCAL.87076.md new file mode 100644 index 0000000000..033737f503 --- /dev/null +++ b/samples/README.md.LOCAL.87076.md @@ -0,0 +1,35 @@ +# CORS Sample + +This sample consists of a request origin (SampleOrigin) and a request destination (SampleDestination). Both have different domain names, to simulate a CORS request. + +## Modify Hosts File +To run this CORS sample, modify the hosts file to register the hostnames ```destination.example.com``` and ```origin.example.com.``` +### Windows: +Run a text editor (e.g. Notepad) as an Administrator. Open the hosts file on the path: "C:\Windows\System32\drivers\etc\hosts". + +### Linux: +On a Terminal window, type "sudo nano /etc/hosts" and enter your admin password when prompted. + +In the hosts file, add the following to the bottom of the file: +``` 127.0.0.1 destination.example.com``` +``` 127.0.0.1 origin.example.com ``` + +Save the file and close it. Then clear your browser history. + +## Run the sample +The SampleOrigin application will use port 5001, and SampleDestination will use 5000. Please ensure there are no other processes using those ports before running the CORS sample. + +* In a command prompt window, open the directory where you cloned the repository, and open the SampleDestination directory. Run the command: dotnet run +* Repeat the above step in the SampleOrigin directory. +* Open a browser window and go to ```http://origin.example.com:5001``` +* Input a method and header to create a CORS request or use one of the example buttons to see CORS in action. + +As an example, apart from ```GET```, ```HEAD``` and ```POST``` requests, ```PUT``` requests are allowed in the CORS policy on SampleDestination. Any others, like ```DELETE```, ```OPTIONS``` etc. are not allowed and throw an error. +```Cache-Control``` has been added as an allowed header to the sample. Any other headers are not allowed and throw an error. You may leave the header name and value blank. + +To edit the policy, please see ```app.UseCors()``` method in the ```Startup.cs``` file of SampleDestination. + +**If using Visual Studio to launch the request origin:** +Open Visual Studio and in the ```launchSettings.json``` file for the SampleOrigin project, change the ```launchUrl``` under SampleOrigin to ```http://origin.example.com:5001```. +Using the dropdown near the Start button, choose SampleOrigin before pressing Start to ensure that it uses Kestrel and not IIS Express. + diff --git a/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsService.cs b/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsService.cs index 32aea828c5..483cb3e59a 100644 --- a/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsService.cs +++ b/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsService.cs @@ -7,9 +7,9 @@ using System.Globalization; using System.Linq; using Microsoft.AspNetCore.Cors.Internal; using Microsoft.AspNetCore.Http; +using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using Microsoft.Extensions.Primitives; -using Microsoft.Extensions.Logging; namespace Microsoft.AspNetCore.Cors.Infrastructure { @@ -305,4 +305,4 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure } } } -} \ No newline at end of file +} diff --git a/test/Microsoft.AspNetCore.Cors.Test/CorsServiceTests.cs b/test/Microsoft.AspNetCore.Cors.Test/CorsServiceTests.cs index b6f40c9415..7edfc895fd 100644 --- a/test/Microsoft.AspNetCore.Cors.Test/CorsServiceTests.cs +++ b/test/Microsoft.AspNetCore.Cors.Test/CorsServiceTests.cs @@ -3,8 +3,8 @@ using System; using Microsoft.AspNetCore.Http; -using Xunit; using Microsoft.Extensions.Logging.Testing; +using Xunit; namespace Microsoft.AspNetCore.Cors.Infrastructure { @@ -1081,4 +1081,4 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure public string FailureReason { get; set; } } } -} \ No newline at end of file +}