I have aspx page from where i am sending the jquery ajax post request to my web services. i have added the Authorization header to the post call. My code is :-
$.ajax({
type: "POST",
beforeSend: function (xhr) {
xhr.setRequestHeader("Authorization", "Bearer " + accessToken);
},
url: " My Web Service URL ",
contentType: "application/json; charset=utf-8",
data: { HtmlText: data},
datatype: 'json',
success: function (data) {
alert(JSON.stringify(data));
}
});
In Web.config i have added :-
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
</modules>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Request-Headers" value="Authorization, Content-Type"/>
<add name="Access-Control-Allow-Headers" value="Authorization" />
<add name="Access-Control-Allow-Methods" value="POST, GET, OPTIONS" />
</customHeaders>
</httpProtocol>
<handlers>
<remove name="WebDAV" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
<directoryBrowse enabled="true" />
After sending the request I am getting the response in inspect element (Chrome) :-
Remote Address: " My Remote Address " Request URL: " My Host URL " Request Method:OPTIONS Status Code:405 Method Not Allowed
Request Headers view source :-
Accept:/ Accept-Encoding:gzip,deflate,sdch Accept-Language:en-US,en;q=0.8,es;q=0.6,fr;q=0.4,hi;q=0.2 Access-Control-Request-Headers:accept, authorization, content-type Access-Control-Request-Method:POST Connection:keep-alive Host:" My Host URL " Origin:test Referer:/test/MyPage.aspx User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Response Headers view source :-
Access-Control-Allow-Headers:Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods:GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Origin:* Allow:POST Cache-Control:no-cache Content-Length:76 Content-Type:application/json; charset=utf-8 Date:Tue, 08 Jul 2014 12:42:10 GMT Expires:-1 Pragma:no-cache Server:Microsoft-IIS/7.5 X-AspNet-Version:4.0.30319
In MVC 5 Web Api First I added the customHeader in web.config file for the cross domain, But didn't get the output as expected. So I added the [EnableCors("", "", "*")] to each method in controller and I get the required output. Strange !! But got the output.