2

I have an ASP.NET Core 3.1 API backend which is already configured to allow CORS for my web app -- see below.

I'm now building a mobile app in React Native. How do I add the specific origin for my React Native app so that my API accepts requests from my mobile app?

I don't want to allow everyone and any app. I do want to keep it as secure as possible and specify my web and mobile apps.

Here's what's currently in my Startup.cs:

services.AddCors(action =>
       action.AddPolicy("AllowSpecificOrigin", builder =>
          builder
          .AllowAnyMethod()
          .AllowAnyHeader()
          .WithOrigins("https://mywebapp.com", "http://localhost:50920", "https://myaccount.service.signalr.net", "http://localhost:3000")
          .AllowCredentials()));
Improve this question

1 Answer 1

Reset to default
1

CORS only applies to AJAX requests from browsers. By adding and using CORS in your application all it does is just adding a Access-Control-Allow-Origin: header to the response. Then the browser can lookup the value of that header and either block the AJAX or allow.

So in terms of other clients than web browsers CORS has nothing to do for accessing your API

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

So don't we need to add cors code into our Startup.cs, if we just have react native mobile app as frontend?
no, if it is a native mobile app, there is no such nee

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.