CORS Error on browser back button
|Added at||2017-01-01 06:01|
I have a ASP.NET Web API 2 Service. And multiple client(angular) applications talks to that service. the applications and the service are published on different sub domains, like the following:
I used Microsoft.AspNet.WebApi.Cors - NuGet package to enable CORS, it is working fine, except for one scenario: When the user opens one application (app1.mydomain.com). Then navigates to another (app2.mydomain.com). Then presses the browser back button. the follwoing CORS Error:
I Configured The Microsoft.AspNet.WebApi.Cors - NuGet package, as follows:
I traced the Origin header values on the server. I put the following code in the service 'global.asax' :
The problem happens when user clicks back button form 'app2.mydomain.com' to 'app1.mydomain.com', the origin sent with the request is 'app2.mydomain.com', and there that is what the service allows access to:
Any Way around this?
Note that I can't put '*' because the requests are authenticated.