For Microsoft IIS7, merge this into the web.config file at the root of your application or site:

<?xml version="1.0" encoding="utf-8"?>
       <add name="Access-Control-Allow-Origin" value="*" />

If you don't have a web.config file already, or don't know what one is, just create a new file called web.config containing the snippet above.

Who’s behind this

Monsur Hossain and Michael Hausenblas


The content on this site stays fresh thanks to help from users like you! If you have suggestions or would like to contribute, fork us on GitHub.

Buy the book

Save 39% on CORS in Action with promotional code hossainco at