Try our conversational search powered by Generative AI!

AI OnAI Off

ContentSearchApi CORS configuration?

Anders
Anders
Vote:
 

I'm trying to migrate our current CMS 11 solution to CMS 12 and I'm currently stuck on setting up the Content Delivery API.

For the Content Delivery API there is a CORS configuration setting which works as expected.
https://docs.developers.optimizely.com/content-cloud/v1.5.0-content-delivery-api/docs/configuration#cors

However I don't see anything similar for Content Search API.

https://docs.developers.optimizely.com/content-cloud/v1.5.0-content-delivery-api/docs/content-search-api

And calling the API does not add CORS headers configured for Content Delivery API

So my question is how does one configure CORS headers for the Content Search API?

Using
EPiServer.ContentDeliveryApi.Cms 3.6.0
EPiServer.ContentDeliveryApi.Search 3.6.0

Current setup:

private readonly string _contentDeliveryApiCorsPolicy = "ContentDeliveryApiCorsPolicy";

 services.AddCors(options =>
            {
                options.AddPolicy(
                    this._contentDeliveryApiCorsPolicy,
                    builder =>
                    {
                        builder
                            .WithOrigins(webConfiguration.ContentDeliveryAllowedOrigins.ToArray())
                            .WithExposedContentDeliveryApiHeaders()
                            .AllowAnyMethod()
                            .AllowAnyHeader()
                            .AllowCredentials();
                    });
            });

 services.ConfigureContentApiOptions(options =>
            {
                options.FlattenPropertyModel = true;
            });
            services.AddContentDeliveryApi(options =>
            {
                options.SiteDefinitionApiEnabled = false;
                options.CorsPolicyName = this._contentDeliveryApiCorsPolicy;
            });
            services.AddContentSearchApi(options =>
            {
                options.MaximumSearchResults = 20;
                options.SearchCacheDuration = TimeSpan.FromMinutes(10);
            });

Content Delivery Api Request example


Content Search API Request example

#299502
Edited, Apr 04, 2023 8:39
Anders
Anders
Vote:
 

Was able to solve this using a default cors policy which the search api uses. 

 services.AddCors(options =>
            {
                options.AddPolicy(
                    this._contentDeliveryApiCorsPolicy,
                    builder =>
                    {
                        builder
                            .WithOrigins(webConfiguration.ContentDeliveryAllowedOrigins.ToArray())
                            .WithExposedContentDeliveryApiHeaders()
                            .AllowAnyMethod()
                            .AllowAnyHeader()
                            .AllowCredentials();
                    });

                options.AddDefaultPolicy(
                    builder =>
                    {
                        builder
                            .WithOrigins(webConfiguration.ContentDeliveryAllowedOrigins.ToArray())
                            .WithExposedContentDeliveryApiHeaders()
                            .AllowAnyMethod()
                            .AllowAnyHeader()
                            .AllowCredentials();
                    });
            });

But there should really be a specific policy in the configuration like AddContentDeliveryApi uses. 

#299575
Apr 05, 2023 8:19
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.