I need to enable CORS for my Web API and I can't upgrade to Framework 4.5 at the moment. (I know about System.Web.Http.Cors.EnableCorsAttribute.)
I've tried to add the following to my Web.config to see if it worked, but it didn't:
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*"/>
</customHeaders>
</httpProtocol>
I've also tried to set the Access-Control-Allow-Origin header to "*" manually by use of System.Web.Http.Filters.ActionFilterAttribute (based on this post: Add custom header to all responses in Web API) - but that didn't work out either as the request is rejected before it gets to the action filtering.
So I'm kinda stuck now.. Any help is appreciated.
Edit: Turns out
<add name="Access-Control-Allow-Origin" value="*"/>
was the answer all along, I must've done something wrong previously when I tested it. But this solution means that all actions are CORS enabled (which will do for now).
See Question&Answers more detail:os