CORS support is very easy to setup in WebApi, but the docs are outdated. They removed the parameterless constructor and didn’t update the docs. For testing purposes, you should just pass “*” for all three parameters. In production you should limit to hosts that you want to be able to call your endpoint.
Here’s what you need to do:
1. Nuget CORS: Microsoft.AspNet.WebApi.Cors – You need to include prerelease packages when you do a search.
2. Call EnableCors from WebApiConfig
public static class WebApiConfig
3. Make** $http calls** from AngularJS or any other Spa framework.
return $http.post('http://localhost:45211/api/values/add/', value);
Here are the error messages you’ll get when you try to make a cross domain call:
OPTIONS http://localhost:45211/api/values/add/ 405 (Method Not Allowed) angular.min.js:99