Enabling CORS using F# and ASP.NET

Question

How do I enable CORS using F# and ASP.NET. I'm trying to authenticate a user with Google but I get the following error in the browser console:

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

A reproducible example is here https://github.com/sashang/safe-google-auth

It uses F# and the SAFE framework so you'll need that setup if you want to try and reproduce this.

You'll also need to setup a client id and secret with Google+ API (https://console.cloud.google.com/apis/library/plus.googleapis.com)

Once that's done add it to your environment:

Bash:

export GOOGLE_ID="client id"
export GOOGLE_SECRET="client secret"

Windows Powershell:

$Env:GOOLGE_ID="client id"
$Env:GOOGLE_SECRET="client secret"

To build it clone the repo and run

fake build --target run

Then click on the button Auth with Google with the browser console window open to see the error.

Answer 1

In your Server.fs you don't call your configure_cors method

let app google_id google_secret = 
    application {
        url ("http://0.0.0.0:" + port.ToString() + "/")
        use_router webApp
        memory_cache
        use_static publicPath
        service_config configureSerialization
        use_gzip
        use_google_oauth google_id google_secret "/oauth_callback_google" []
        //use_cors "localhost:8080" configure_cors
        configure_cors // Add this line to your program

}