I have a situation where my application will be required to access web-tiered services across different domains.
I have added the following to the web config of web adapter:
<add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Origin" value="http://sub.domain.com" />
However, when testing in chrome, I receive the following error in console:
XMLHttpRequest cannot load <url to secured service>. the Access-Control-Allow-Origin header contains multiple values 'http://sub.domain.com,http://sub.domain.com' .http://sub.domain.com is therefore not allowed access.
I have checked everything, i have definitly only configured one header in the web.config. I am using the testing tool available on the enable cors site.
Against an unsecured sevrice, it works fine as we don't have to set the allow credentials header, but with secured services, it is not working.
Have also tried firefox, and i do not have IE available in this environment.
Thanks for anyone who can help!