I have a big problem with my web app. Starting with some info... the backend is in ASP.NET Core 6, and the frontend is in React. I deploy this site using Azure Container Apps inside the same Resource Group end in the same Container Environment.
All works fine until I decided to change backend visibility from External to Internal. From this moment, when the frontend calls backend I have CORS error and the backend is never called.
Inside the Program.cs of the application is managed yet the CORS policy that accepting ALL. But it still don't work.
Any endpoint the browser calls must be external. Otherwise the browser won't be able to reach it. Internal endpoints are for server to server communication or microservices talking to each other. Like a webapp using redis for a cache, the browser never talks to redis. It talks to the webapp, and the webapp decides whether to request something from redis or not.
Similarly, if you deploy your React app and your API backend as 2 apps, but expect the React app running in the browser to call your API back directly, then you need to make both external.
If you want to make the API app internal, then you'll need to send the calls to the react app backend and proxy them to the internal app there.
See: