Figer's Technology Consulting | Enable Access-Control-Allow-Origin in IIS6 & IIS7 for webapi calls

Enable Access-Control-Allow-Origin in IIS6 & IIS7 for webapi calls

To allow your newly created webapi web service calls to be accessed from ajax post calls from another website you need to enable this setting in either IIS6 or IIS7 IIS6
  1. Open Internet Information Service (IIS) Manager
  2. Right click the site you want to enable CORS for and go to Properties
  3. Change to the HTTP Headers tab
  4. In the Custom HTTP headers section, click Add
  5. Enter Access-Control-Allow-Origin as the header name
  6. Enter * as the header value
  7. Click Ok twice


IIS7 - Add this to your web.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <system.webServer>
   <httpProtocol>
     <customHeaders>
       <add name="Access-Control-Allow-Origin" value="*" />
     </customHeaders>
   </httpProtocol>
 </system.webServer>
</configuration>
Comments are closed