A call from my SPA to the .Net backend, that had been working fine, started going red in my browser DevTools 😱:
POST + Preflight | (failed) net::ERR_CONNECTION_REFUSED
I knew my CORS config hadn’t changed, and in fact the app is built with appBuilder.UseCors(CorsOptions.AllowAll);
While Ducking around for a solution, I caught sight of a little comment on an SO answer, which said “be aware that exceptions will CLEAN off any CORS headers set by the CORS middleware”.
I returned to VS, opened Exception settings, and turned on all CLR exceptions.
When I repeated the call into the API, whaddya know, AutoMapper was throwing a silent error.
After I fixed my mapping, the CORS error went away 😊
Happy hacking!
Top comments (2)
Very interesting - every error we have always comes back with CORS warnings, so I’m thinking this is why. Wondering if there’s any way to change the error handling behavior in the middleware?
Thanks for the thoughtful comment Kyle, I'd like to know if you find out the answer to this! Maybe the behaviour where the CORS headers are being stripped off can be prevented or reversed...