[Solved] ASP .Net Core Error: Specify a Cross-Origin Embedder Policy to prevent this frame from being blocked

alay
 
on Aug 11, 2022 05:20 AM
1775 Views
Answered

I have an ASP .NET application running on .NET Core 6 and ASP .NET Core 6. 

I have added some middleware using app.use in order to add some headers.

The problem is that the middleware in not executed when requesting web worker script.

Not sure how much it will help the only error is there because the headers are missing.

Specify a Cross-Origin Embedder Policy to prevent this frame from being blocked

Here is my Program.cs:

RegisterDependencies();

// Add services to the container.
builder.Services.AddControllersWithViews();


var app = builder.Build();

app.Use(async (context, next) =>
{
	context.Response.Headers.Add("Cross-Origin-Embedder-Policy", "require-corp");
	context.Response.Headers.Add("Cross-Origin-Opener-Policy", "same-origin");
	await next();
});

// Configure the HTTP request pipeline.

app.UseStaticFiles();

app.UseRouting();

app.UseAuthorization();

app.MapControllerRoute(
		name: "GetCursor",
		pattern: "Api/GetCursor/{id}/{scale}",
		defaults: new { controller = "Api", action = "GetCursor" }
		   );

app.MapControllerRoute(
				name: "API",
				pattern: "Api/{action}/{gameId?}",
				defaults: new { controller = "Api", action = "{action}"}
			);


app.MapControllerRoute(
			   name: "FEW",
			   pattern: "{*url}",
			   defaults: new { controller = "Home", action = "Index" }
		   );

app.Run();

 

Download FREE API for Word, Excel and PDF in ASP.Net: Download
dharmendr
 
on Aug 12, 2022 05:13 AM
Answer
alay
 
on Aug 13, 2022 07:02 AM
Answer

Hi dharmendr,

I have figured out what I needed to do. From the MS documents you provided I figured out that static file requests are short circuited in order to reduce processing time. This means that app.use is never executed in requests for them. There is another function that has to be called to add headers to static files. This is what I came up with:

void ApplyHeaders(IHeaderDictionary headers)
{
    headers.Add("Cross-Origin-Embedder-Policy", "require-corp");
    headers.Add("Cross-Origin-Opener-Policy", "same-origin");
}
 
app.UseStaticFiles(new StaticFileOptions()
{
    OnPrepareResponse = (context) =>
    {
        ApplyHeaders(context.Context.Response.Headers);
    }
});

app.Use(async (context, next) =>
{
    ApplyHeaders(context.Response.Headers);
    await next();
});

 

Disclaimer
This site is started with intent to serve the ASP.Net Community by providing forums (question-answer) site where people can help each other. The content posted here is free for public and is the content of its poster. The site does not provide any warranties for the posted content. If you feel any content is violating any terms please contact.
© 2023 www.aspsnippets.com All rights reserved | Privacy Policy | Powered by Excelasoft Solutions Excelasoft Solutions