diff --git a/Oqtane.Server/Controllers/FileController.cs b/Oqtane.Server/Controllers/FileController.cs index 65ead05f..7dc5cfb6 100644 --- a/Oqtane.Server/Controllers/FileController.cs +++ b/Oqtane.Server/Controllers/FileController.cs @@ -20,6 +20,7 @@ using SixLabors.ImageSharp; using SixLabors.ImageSharp.Processing; using SixLabors.ImageSharp.Formats.Png; using System.Net.Http; +using Microsoft.AspNetCore.Cors; // ReSharper disable StringIndexOfIsCultureSpecific.1 @@ -358,6 +359,7 @@ namespace Oqtane.Controllers } // POST api//upload + [EnableCors(Constants.MauiCorsPolicy)] [HttpPost("upload")] public async Task UploadFile(string folder, IFormFile formfile) { diff --git a/Oqtane.Server/Startup.cs b/Oqtane.Server/Startup.cs index 93126c03..e777f4ed 100644 --- a/Oqtane.Server/Startup.cs +++ b/Oqtane.Server/Startup.cs @@ -133,7 +133,7 @@ namespace Oqtane services.AddCors(options => { - options.AddPolicy(Constants.MauiUserAgent, + options.AddPolicy(Constants.MauiCorsPolicy, policy => { policy.WithOrigins("https://0.0.0.0", "http://0.0.0.0", "app://0.0.0.0") @@ -186,11 +186,11 @@ namespace Oqtane app.UseHttpsRedirection(); app.UseStaticFiles(); - app.UseCors(Constants.MauiUserAgent); app.UseTenantResolution(); app.UseJwtAuthorization(); app.UseBlazorFrameworkFiles(); app.UseRouting(); + app.UseCors(); app.UseAuthentication(); app.UseAuthorization(); diff --git a/Oqtane.Shared/Shared/Constants.cs b/Oqtane.Shared/Shared/Constants.cs index f9573a65..efef37e3 100644 --- a/Oqtane.Shared/Shared/Constants.cs +++ b/Oqtane.Shared/Shared/Constants.cs @@ -77,6 +77,7 @@ namespace Oqtane.Shared public static readonly string MauiUserAgent = "MAUI"; public static readonly string MauiAliasPath = "Alias-Path"; + public const string MauiCorsPolicy = "MauiCorsPolicy"; // must be a constant to be used with an attribute public static readonly string VisitorCookiePrefix = "APP_VISITOR_";