Search code examples
angularasp.net-corecorselsa-workflows

Cors issue in HttpResponse Activity

I'm running the Elsa-Core - AspnetCore Monolith Dashboard sample.

Workflow:,

image

This problem happens in the HttpReponse Activity, the HttpEndpoint works fine

I'm getting an error on the client which I can't catch in the server, I think the problem happens in:

Elsa.Activities.Http -> WriteHttpResponse -> OnExecuteAsync(ActivityExecutionContext context)

It seems that response.WriteAsync fires some background thread that fails at some point but the exception is not caught:

        /// <summary>
        /// The headers to send along with the response.
        /// </summary>
        [ActivityProperty(Hint = "Additional headers to write.", UIHint = ActivityPropertyUIHints.Json)]
        public HttpResponseHeaders? ResponseHeaders { get; set; }

        protected override async ValueTask<IActivityExecutionResult> OnExecuteAsync(ActivityExecutionContext context)
        {
    
            var httpContext = _httpContextAccessor.HttpContext ?? new DefaultHttpContext();
            var response = httpContext.Response;

          ...

            var bodyText = Content;

            if (!string.IsNullOrWhiteSpace(bodyText))
            {
                try
                {
                    
                    await response.WriteAsync(bodyText, context.CancellationToken); 
                  
                    await Task.Delay(5000);      <--CLIENT FAILS HERE
                    Console.WriteLine("Delay End");
                  
                   
                }
                catch(Exception ex)
                {
                    var z = ex;
                }
            }
           
            return Done();
        }

The API function has not returned when the client already fails:

image

image

Client only says "Unknown Backend Error, Status = 0"

The workflow instances are created and Finished OK

image

This doesn't happen if the call is made from the browser, so it has to be CORS related

I'm using Angular 10, tried in a clean empty project, no credentials, no extra headers in the http call

Solution

  • Make sure to update your Startup class to:

    1. Add CORS services, and
    2. Add CORS middleware.

    As you already figured out, make sure to add the CORS middleware component before the call to app.UseHttpActivities() (which is the middleware handling HTTP workflow requests).

    Sample code in ConfigureServices:

    // Allow arbitrary client browser apps to access the API for demo purposes only.
// In a production environment, make sure to allow only origins you trust.
services.AddCors(cors => cors.AddDefaultPolicy(policy => policy.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin().WithExposedHeaders("Content-Disposition")));

    Sample code in Configure:

    app
    .UseCors()
    .UseHttpActivities()
    .UseRouting()
    .UseEndpoints(endpoints => { endpoints.MapControllers(); });

    With that in place, your AJAX calls from your Angular application should now be allowed.