ActiveReports 18 .NET Edition
Developers / Create Applications / Js Viewer Application / View Reports from Different Domains using CORS
In This Topic
    View Reports from Different Domains using CORS
    In This Topic

    Cross-Origin Resource Sharing is a technology for the web that provides async web operations to directly access reports from different domains. CORS works by adding a special header to responses from a server to the client. If a response contains the Access-Control-Allow-Origin header, then you can directly access the reports from another domain.

    Cross-Origin Resource Sharing

    The following viewers require CORS:

    1. Js Viewer
    2. HTMLViewer (WebViewer control)
    3. RawHTML (WebViewer control)

    .NET Framework

    If Server is an ASP.NET application, then following markup should be added to the web.config file:

    web.config
    Copy Code 
    <customHeaders>
     <add name="Access-Control-Allow-Origin" value="http://localhost:44362" />
     <add name="Access-Control-Allow-Methods" value="GET, POST, OPTIONS" />
     <add name="Access-Control-Allow-Credentials" value="true"/>
     <add name="Access-Control-Allow-Headers" value="pragma,cache-control,expires,content-type"/>
     <add name="Access-Control-Expose-Headers" value="Content-Disposition"/>
 </customHeaders>

     Replace the "http://localhost:44362" with the actual client url.

    .NET Core

    If Server is an ASP.NET Core application,

    1. Add the following code to the Startup.ConfigureServices method in Startup.cs file:

    Startup.cs
    Copy Code 
    public void ConfigureServices(IServiceCollection services)
{
    services
        .AddLogging(config =>
        {
            config.ClearProviders();
            if (Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") == Environments.Development)
            {
                config.AddConsole();
            }
        })
        .AddCors(options =>
        {
            options.AddPolicy("AllowAll", builder =>
            {
                builder.SetIsOriginAllowed(origin => new Uri(origin).Host == "XXXX")
                .AllowCredentials()
                .AllowAnyMethod()
                .AllowAnyHeader()
                .WithExposedHeaders("Content-Disposition");
            });
        })
        .AddReportViewer()
        .AddMvc(option => option.EnableEndpointRouting = false);
}

    2. Add the following code to the Startup.Configure method in Startup.cs file:

    Startup.cs
    Copy Code 
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    app.UseCors("AllowAll");
    app.UseReportViewer(settings =>
    {
        settings.UseEmbeddedTemplates(EmbeddedReportsPrefix, Assembly.GetAssembly(GetType()));
        settings.UseCompression = true;
    });
    app.UseMvc();
}
    Note: If you get error 404 or 500 on the report preview, please make sure that your browser supports CORS.