I am in the process of integrating Piranha CMS (v8.4) into an existing ASP .NET Core 3.1 project. I’ve gotten Piranha working, but I get an exception indicating CORS is not set up properly.

I’ve managed to track the source of the problem down to the configuration of the Piranha middleware. The line options.UseManager() is what causes the problem and when options.UseManager() line is commented out, the CORS middleware functions as expected.

         app.UsePiranha(options =>
        {
            options.UseManager();
            options.UseTinyMCE();
            options.UseIdentity();
        });

InvalidOperationException: Endpoint contains CORS metadata, but a middleware was not found that supports CORS. Configure your application startup by adding app.UseCors() inside the call to Configure(..) in the application startup code. The call to app.UseAuthorization() must appear between app.UseRouting() and app.UseEndpoints(...).

My CORS policy is configured like this. Calling before or after UsePiranha makes no difference:

        // global cors policy
        app.UseCors(x => x
            .AllowAnyMethod()
            .AllowAnyHeader()
            .SetIsOriginAllowed(origin => env.IsDevelopment()) //any origin in dev
            .AllowCredentials());  

`

The problem is that the call to UseManager calls UseRouting. Per the exception, UseCors needs to be configured BEFORE UseRouting. The solution is to configure CORS between the calls to UseIdentity and UseManager.

 app.UsePiranha(options =>
            {
                options.UseTinyMCE();
                options.UseIdentity();

                app.UseCors(x => x
                   .AllowAnyMethod()
                   .AllowAnyHeader()
                   .SetIsOriginAllowed(origin => env.IsDevelopment()) //any origin in dev
                   .AllowCredentials());

                options.UseManager();
            });