I have a Angular app that calls two different POST API methods. On my staging env I notice one would be correct and add a access-control-allow-origin: * in the Response headers but the other one doesn't and I find it really odd.
So technically one API call works and one doesn't when hosted on staging. They do the same thing where they just fetch a list of data
CORS in my startup file
services.AddCors(options =>
{
options.AddPolicy("CorsPolicy",
builder => builder
.AllowAnyMethod()
.AllowCredentials()
.SetIsOriginAllowed((host) => true)
.AllowAnyHeader());
});
in different part
app.UseCors("CorsPolicy");
and both controllers extend a basecontroller
[ApiVersion("1.0")]
[Route("api/v{version:apiVersion}/[controller]")]
[Authorize]
[ApiController]
[EnableCors("CorsPolicy")]
public abstract class BaseApiController : ControllerBase
a Simple Update of the database was required. The CORS issue through me off wildly but it all works fine after updating the database