Azure: CORS — No ‘Access-Control-Allow-Origin’ header is present

Автор: | 07/11/2016
 

azure_logoПосле подключения внешнего домена к WebApp в Azure — страница открывается с ошибками:

Font from origin ‘http://musikmatedev.azurewebsites.net’ has been blocked from loading by Cross-Origin Resource Sharing policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://music-de.ms’ is therefore not allowed access. The response had HTTP status code 404.

и:

XMLHttpRequest cannot load http://musikmatedev.azurewebsites.net/get_Step_1.php?lang=EN&. Request header field X-Requested-With is not allowed by Access-Control-Allow-Headers in preflight response.

Решение — добавить CORS через web.config:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.webServer>
        <httpProtocol>
            <customHeaders>
                <add name="Access-Control-Allow-Origin" value="*" />
                <add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />
            </customHeaders>
        </httpProtocol>
    </system.webServer>
</configuration>

Сохраняем, проверяем:

$ git add web.config && git commit -m "AllowCors" && git push

Готово.