The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed. cors error not resolving - Asp.net

NaveenK
March 30, 2023
312 views
3 votes
3 Answers

Access to XMLHttpRequest at
‘https://apicredit2fa.devserver.co.in/api/adminaccount/signin’ from
origin ‘http://localhost:3000’ has been blocked by CORS policy

Response to preflight request doesn’t pass access control check: The ‘Access-Control-Allow-Origin’ header contains multiple values ‘*, *’, but only one is allowed.

I cofigured the default cores and using middleware app.UseCors(); as well

I tried with fixed cores but getting * and core name . multiple error remains

Tags: asp.net asp.net-core c#cors

Answers

Chosen as BEST ANSWER
- NaveenK
- March 31, 2023 at 8:43 am
- 0 votes
0
issue resolved. problem was nginx proxy server that was adding extra header value.

(Edit)

- firatt_
- March 30, 2023 at 2:31 pm
- 0 votes
0
Hello you can try this
```
services.AddCors(options =>
            {
                options.AddPolicy("CorsPolicy",
                    builder => builder.AllowAnyOrigin()
                        .AllowAnyMethod()
                        .AllowAnyHeader());
            });
```
and below consume this policy It works
```
app.UseCors("CorsPolicy");
```
Login or Signup to reply.

- RuikaiFeng
- March 31, 2023 at 7:17 am
- 0 votes
0
The error

The ‘Access-Control-Allow-Origin’ header contains multiple values ‘*,
*’, but only one is allowed.

indicates there’re mutipule 'Access-Control-Allow-Origin' in your response headers

and if you configured AllowAnyOrigin() when you regist cros,it would add 'Access-Control-Allow-Origin' :"*" to your response header,
try remove AllowAnyOrigin() and observe if there’re any other error or check if you added the header anwhere else again

If you still have problem,please show us a minimal example that could reproduce the error

Login or Signup to reply.