In a Blazor Server application, if you want to use both AllowCredentials() and AllowAnyOrigin() with respect to CORS settings, then add SetIsOriginAllowed(Func<string,bool> predicate) under ConfigureServices in the Startup.cs file instead of using AllowAnyOrigin(). See the following code snippet.
[Startup.cs]
public void ConfigureServices(IServiceCollection services)
{
……
……
services.AddCors(options =>
{
options.AddPolicy("Open", builder =>
builder.SetIsOriginAllowed(_ => true).
AllowAnyMethod().
AllowAnyHeader().
AllowCredentials());
});
}
Refer to this link for more information.
Permalink