// IMyScopedService is injected into Invoke
public async Task Invoke(HttpContext httpContext)
{
var policy = CorsHelper.SetupCors().Build();
var origin = httpContext.Request.Headers[CorsConstants.Origin];
StringBuilder output = new StringBuilder();
output.AppendLine($"\n-----------\nCORS request at {DateTime.Now} from {httpContext?.Connection?.RemoteIpAddress?.ToString() ?? "unknown IP"}");
output.AppendLine($"policy origins: {string.Join(",", policy.Origins)}, origin: {origin}, allowed: {policy.IsOriginAllowed(origin)}");
try
{
CorsResult result = _service.EvaluatePolicy(httpContext, policy);
output.AppendLine(result.ToString());
output.AppendLine($"is origin allowed: {result.IsOriginAllowed}");
output.AppendLine($"headers before applying cors: {PrintHeaders(httpContext.Response)}");
_service.ApplyResult(result, httpContext.Response);
output.AppendLine($"headers after applying cors: {PrintHeaders(httpContext.Response)}");
output.AppendLine($"is origin allowed: {result.IsOriginAllowed}");
}
catch (Exception e)
{
output.AppendLine($"Caught {e.Message}: {e.StackTrace}");
}
_logger.LogInformation(output.ToString());
await _next(httpContext);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseMiddleware <CorsInspectionMiddleware>();
app.UseCors(options => CorsHelper.SetupCors(options));
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
//app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints => { endpoints.MapControllers(); });
}