ssl access in web API ASP.Net Core 2 - ssl

I want to force the access to my web API with SSL
In Visual Studio I see this
The to force the calls to use https I have this
.UseRewriter(new RewriteOptions().AddRedirectToHttps(301,44329))
But when I make this call for example: http://localhost:5001/api/proyectos that until now worked fine. Now this call is translated to https://localhost:44329/api/proyectos and the page is nod loaded.
Any idea please?

Related

Blazor WASM (Client Side Only) - How to make HTTP Request to different APIs?

So I'm coming from Xamarin world trying to build a Blazor App. And I'm struggling with a high level understanding of why Blazor Apps ( client side only ) cannot make a basic HTTP get call to say google.com or any other http get/post call to different resources/urls?
Can someone break it down for me, am i crazy? how would i ever implement maps.google.com or other http request I'm going to need to make.
I do notice anything with a package, like SendGrid or B2C or Cosmos Nuget Packages seem to work fine... how do they get around the different domain names ?
Can i simply say on my webserver : (in English) - allow requests to google.com and someoneElsesApi.com
or would i have to contact google and have them allow my Blazor app to make calls?
Just really struggling with how to use Blazor Client Only PWA app if it cant connect or call to anything else on the web... seems pointless if a Blazor app cannot make any http calls to other services.
Ok, so yes... I found an Public Open API to test a request against, and it does work from a Blazor WASM (Client only). More specifically the below works just fine..
#inject HttpClient HttpClient
...
string responsString = await HttpClient.GetStringAsync("https://rickandmortyapi.com/api/character/5");
The problem i was having which seems confusing:
Both
Blazor WASM
Xamarin Forms apps
can both call an open public Web API just fine from HTTP Client.
But...
When I create an ASP.NET core API and publish it allowing anonymous access in azure,
Xamarin Forms can call that API
Blazor WASM cannot call it unless i specify CORS correctly in the Web API
So with my inexperience with Blazor WASM i assumed it could not do this.. while Xamarin can. So this changes to ... how is it that the Web API i created in Azure + ASP.net Core Web API - just allows the Xamarin App to call it (without CORS specification)... while CORS Must be set correctly for a Blazor WASM?

Calling C# Web API with windows authentication from external

We have an intranet site web app. It's angularjs on the front end and asp.net web api on the backend. Because it started out as internal it uses windows authentication. Now we want to create a true mobile web app and be able to call these web api's from outside our network.
Since it's outside I'm assuming windows authentication no longer works?
Is there a way to mimic this windows authentication from the client so the api's still work or is there something else that needs to be done on the web api to make them work both internally and externally? Any direction would be great!

Web Api hosted on another port on IIS is not accessible

I have two separate projects
MVC Web App
MVC Web API
I have published both on my IIS 7.5
My Web App is hosted on 7172 port
and Web API is hosted on 7171 port
Strangely iam not able to call jquery.ajax() from my web app (7172) to web api (7171) port. It gives me 405 Method not found error code.
But if i write the same jquery.ajax() in my web api project (7171) and call web api method then it work fine and returns data.
I want to call web api from my web app.
Any suggestion would be appreciated.
Thanks in advance.
This has to do with the Same Origin Policy. By default, you can't execute an AJAX call to another domain (both on name, port and protocol).
If you want to enable this you should use Cross-origin resource sharing (CORS). CORS can be used with Web API by installing a (prerelase) NuGet package: Microsoft ASP.NET Web API Cross-Origin Support
This package allows you to configure which domains can call your service. You can find a walk trough here Enabling Cross-Origin Requests in ASP.NET Web API. In essence it comes down to adding attributes to your controllers like this:
[EnableCors(origins: "http://myclient.azurewebsites.net", headers: "*", methods: "*")]
You're running into the same-origin/cross-domain security policy. The port used is part of the origin calculation. A bit of Javascript loaded from (say) localhost:80 cannot make an AJAX request to localhost:8080, because the port numbers don't match. The 405 error you're getting is almost certainly coming from your Web App, not the API - check the server logs for the app, and you'll see the ajax hit in there.

Asp.net MVC Web Api Http put and delete requests failing

I am using Asp.net MVC 4 Web Api project. MY application uses mvc to implement a web site. It makes http requests to the web api to implement server functionality.
Regular page requests to controllers work fine and it is able to display web pages. The application is able to make get and post requests to the api. But when it tries to to put or delete web requests it gets
"Failed to load resource: the server responded with a status of 501 (Not Implemented) "
The application is hosted on iis 6.
The application works when running a local cassani server instance and is able to make put and delete requests, but as soon as the application is executed from iis it doesn't work as expected.
I tried all the suggestions from the comment above and none of them worked.
I had to add the ASP.NET 4.0 dll to the Wildcard mappings in the Configuration area on the Home Directory tab. That worked for me. Remember to uncheck the "Verify file exists" checkbox.
EDIT: I posted a blog on the exact process to make this happen here: http://www.proworks.com/blog/2012/11/14/how-to-fix-aspnet-mvc-web-api-http-put-and-delete-requests-failing/

MVC Mini Profiler on IIS 6

Has anyone been able to get the MVC mini profiler working on IIS 6? I've set up the profiler in my application and it works perfectly in Visual Studio, IIS Express and IIS 7.5 but when I put the exact same application onto IIS 6 it won't work.
The problem seems to be around loading /mini-profiler-includes.js, I just get a 404 response. I've checked the route table and the correct routes have been registered by the profiler but apart from that I'm not sure what else to try.
On IIS 7, ASP.NET by default runs in integrated mode so the ASP.NET runtime will handle all requests, however on IIS 6 ASP.NET only handles extensions explicitly listed in the mappings section.
When the request comes in for /mini-profiler-includes.js IIS sees the .js and tries to serve the static file but as the file is "generated" by ASP.NET the handler never gets hit and a 404 error is returned.
In order to fix this you need to add a wildcard mapping to IIS so all requests get handed to ASP.NET. This blog post has a good walkthrough of the process.