This is my API:
[ApiController]
[Route("[controller]")]
public class APIController : ControllerBase
{
// [Authorize]
[HttpGet("[action]")]
public string GetInformation() { return "Something !"; }
}
And this is my action in my ASP.NET Core 5 MVC web app:
public async Task<IActionResult> GetInfoFromAPI()
{
using var client = new HttpClient();
var requ = new HttpRequestMessage
{
Method = HttpMethod.Get,
RequestUri = new Uri("http://localhost:5000/API/GetInformation"),
Content = new StringContent(string.Empty, Encoding.UTF8, MediaTypeNames.Application.Json)
};
var resp = await client.SendAsync(requ);
var Result = await resp.Content.ReadAsStringAsync();
return View("GetInfoFromAPI", Result);
}
Amazing! How does it work? Why does it work? I didn't enable "Cross-Origin Requests" (CORS) in my API startup !
If any HttpGet/Post/...
from any origin can get information from my API, so what is CORS? What is the use for it?