AspNetCore.SignalR 2.1 and CORS

asked8 years ago
last updated4 years ago
viewed16.5k times
Up Vote20Down Vote

I'm migrating our SignalR-Service to the new AspNetCore.SignalR (2.1 preview) and now I get problems with CORS. I will never access the service from the same origin, so I need to disable CORS in general.

I have the folowing CORS policy 

services.AddCors(
            options => options.AddPolicy("AllowCors",
                builder =>
                {
                    builder
                        .AllowAnyOrigin()
                        .AllowCredentials()
                        .AllowAnyHeader()
                        .AllowAnyMethod();
                })
        );

With the old preview package of SignalR for AspNetCore (AspNetCore.SignalR.Server) I don't got any problems but now, my test client got some http-405 which seems like an issue with CORS.

Is there maybe a extra CORS configuration for SignalR, or do I need to allow something else?

: I created a fresh/clean sample project without any special middleware to check If the error happens here and it does.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using WebApplication1.HUBs;

namespace WebApplication1
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddCors(
                options => options.AddPolicy("AllowCors",
                    builder =>
                    {
                        builder
                            .AllowAnyOrigin()
                            .AllowCredentials()
                            .AllowAnyHeader()
                            .AllowAnyMethod();
                    })
            );
            services.AddMvc();
            services.AddSignalR(options =>
            {
            });
        }
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseCors("AllowCors");
            app.UseMvc();
            app.UseSignalR(routes =>
            {
                routes.MapHub<TestHub>("/test");
            });
        }
    }
}

private HubConnection _hubConnection;
    private void button1_Click(object sender, EventArgs e)
    {
        var connection = new HubConnectionBuilder().WithUrl("http://localhost:63771/test")
            .WithConsoleLogger()
            .WithTransport(Microsoft.AspNetCore.Sockets.TransportType.WebSockets)
            .Build();
        connection.StartAsync();
    }

fail: Microsoft.AspNetCore.Sockets.Client.HttpConnection[8]
   01/10/2018 15:25:45: Failed to start connection. Error getting negotiation response from 'http://localhost:63771/test'.
System.Net.Http.HttpRequestException: Response status code does not indicate success: 405 (Method Not Allowed).
   bei System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
   bei Microsoft.AspNetCore.Sockets.Client.HttpConnection.<Negotiate>d__42.MoveNext()
c#asp.net-corecorsasp.net-core-signalr
edited
from the blog
Generating the PvQ Leaderboard
Getting Help in the Age of LLMs