NEW!
CSHTML5 has now become OpenSilver!

We are happy to announce that CSHTML5 has been significantly improved and rebranded to 'OpenSilver', which stands for 'Open-source reimplementation of Silverlight'. It is fully backward compatible and it can be downloaded from OpenSilver.net. Upgrading from CSHTML5 to OpenSilver is very easy.
Read the FAQ

How to use Fiddler to test with servers that do not authorize cross site requests

Tutorial

  1. Install Fiddler2
  2. Go to Rules > Customize Rules... or similar
  3. Add the following code near the top, next to the other RulesOption declarations:

public static RulesOption("Force CORS")

var m_ForceCORS: boolean = true;

  1. Add the following code at the end of the OnBeforeRequest method:

// If it's an OPTIONS request, fake the response and return w/e the client expects.

if (m_ForceCORS && oSession.oRequest.headers.HTTPMethod == "OPTIONS") {

     oSession.utilCreateResponseAndBypassServer();

     oSession.oResponse.headers.Add("Access-Control-AllowOrigin", oSession.oRequest.headers["Origin"]);

     oSession.oResponse.headers.Add("Access-Control-AllowMethods", "GET, POST, PUT, DELETE, OPTIONS");

     oSession.oResponse.headers.Add("Access-Control-AllowHeaders", "Content-Type, SOAPAction, Authorization, Accept, Csrf-Token, X-Requested-With, cloudSession, WbeSession, Cookie");

     oSession.oResponse.headers.Add("Access-Control-MaxAge", "1728000");

     oSession.oResponse.headers.Add("Access-Control-AllowCredentials", "true");

     oSession.responseCode = 200;

}

  1. Add the following code at the end of the OnBeforeResponse method:

 // Also add the headers to any real response with an "Origin:" header set

if (m_ForceCORS && oSession.oRequest.headers.Exists("Origin")) {

     oSession.oResponse.headers.Remove("Access-ControlAllow-Origin");

     oSession.oResponse.headers.Add("Access-Control-AllowOrigin", oSession.oRequest.headers["Origin"]) ;

     oSession.oResponse.headers.Remove("Access-ControlAllow-Methods");

     oSession.oResponse.headers.Add("Access-Control-AllowMethods", "GET, POST, PUT, DELETE, OPTIONS");

     oSession.oResponse.headers.Remove("Access-ControlAllow-Headers");

     oSession.oResponse.headers.Add("Access-Control-AllowHeaders", "Content-Type, SOAPAction, Authorization, Accept, Csrf-Token, X-Requested-With, cloudSession, WbeSession, Cookie");

     oSession.oResponse.headers.Remove("Access-Control-MaxAge");

     oSession.oResponse.headers.Add("Access-Control-MaxAge", "1728000");

     oSession.oResponse.headers.Remove("Access-ControlAllow-Credentials");

     oSession.oResponse.headers.Add("Access-Control-AllowCredentials", "true");

}

  1. With Fiddler running, go to Rules and check the new menu entry "Force CORS".

 

  

Contact Us

Please click here for contact information.