ActiveReports 19 User Guide
Developers / Create Designer and Viewer Applications / Js Viewer Application / View Reports from Different Domains using CORS
In This Topic
View Reports from Different Domains using CORS
In This Topic

Cross-Origin Resource Sharing is a technology for the web that provides async web operations to directly access reports from different domains. CORS works by adding a special header to responses from a server to the client. If a response contains the Access-Control-Allow-Origin header, then you can directly access the reports from another domain.

Cross-Origin Resource Sharing

The following viewers require CORS:

  1. Js Viewer
  2. HTMLViewer (WebViewer control)
  3. RawHTML (WebViewer control)

.NET Framework

If Server is an ASP.NET application, then following markup should be added to the web.config file:

web.config
Copy Code 
<customHeaders>
     <add name="Access-Control-Allow-Origin" value="http://localhost:44362" />
     <add name="Access-Control-Allow-Methods" value="GET, POST, OPTIONS" />
     <add name="Access-Control-Allow-Credentials" value="true"/>
     <add name="Access-Control-Allow-Headers" value="pragma,cache-control,expires,content-type"/>
     <add name="Access-Control-Expose-Headers" value="Content-Disposition"/>
 </customHeaders>

 Replace the "http://localhost:44362" with the actual client url.

.NET Core

If Server is an ASP.NET Core application,

1. Add the following code to the Startup.ConfigureServices method in Startup.cs file:

Startup.cs
Copy Code 
public void ConfigureServices(IServiceCollection services)
{
    services
        .AddLogging(config =>
        {
            config.ClearProviders();
            if (Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") == Environments.Development)
            {
                config.AddConsole();
            }
        })
        .AddCors(options =>
        {
            options.AddPolicy("AllowAll", builder =>
            {
                builder.SetIsOriginAllowed(origin => new Uri(origin).Host == "XXXX")
                .AllowCredentials()
                .AllowAnyMethod()
                .AllowAnyHeader()
                .WithExposedHeaders("Content-Disposition");
            });
        })
        .AddReportViewer()
        .AddMvc(option => option.EnableEndpointRouting = false);
}

2. Add the following code to the Startup.Configure method in Startup.cs file:

Startup.cs
Copy Code 
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    app.UseCors("AllowAll");
    app.UseReportViewer(settings =>
    {
        settings.UseEmbeddedTemplates(EmbeddedReportsPrefix, Assembly.GetAssembly(app.GetType()));
        settings.UseCompression = true;
    });
    app.UseMvc();
}
Note: If you get error 404 or 500 on the report preview, please make sure that your browser supports CORS.