ServiceStack CORS Issue with React

I couldn’t get Fiddler to work on Mac so I set up a test on Windows with the same error coming back. Here is the pre-flight options response but from a Fiddler perspective it never gets beyond the pre-flight, the delete call is never initiated.

That response suggests the request never reached ServiceStack, i.e. the OPTIONS request was handled by ASP.NET before it could reach ServiceStack which would’ve returned the Access-Control-Allow-Origin header since the Origin sent matches your CorsFeature configuration.

So you’ll need to look for what ASP.NET module/feature is intercepting the OPTIONS request and disable it.

So, do you have a default IIS setup when utilizing ServiceStack to resolve this so ServiceStack has control of the entire process?

ServiceStack can run on an empty ASP.NET Web Application (or any of the ASP.NET VS.NET Templates or .NET Framework Templates) and only needs this Web.config configuration to run.

The handler mapping says forward all requests to ServiceStack, but it’s not going to be able to disable any Global or Site modules you’ve got configured in your IIS and it looks like you have another module that’s interfering with the request either registered in IIS or your Web.config.

If you can put together a small minimal repro example that repro’s the issue on your end, I can run it locally to see if I’m also able to repro it, if I can’t it means it’s an IIS or out-of-band module that’s causing it.

We finally have ServiceStack responding to CORS based PUT and DELETE. Thank you for your continued patience and communication while we worked through this.

Here was the final requirements for our IIS 10 scenario. I’ve uploaded as an image since the message box wouldn’t allow some of the code examples.

One other question, can we default json within ServiceStack so it doesn’t have to be in the requesting url? EX:/NDBServiceStack/staff/hierarchy/72?format=json [Don’t require the ?format=json? See #5.

The recommended way to request a specific content type is to add it to the Accept HTTP Request Header, e.g:

headers: {
  'Accept': 'application/json',

Alternatively you can specify JSON as the default content type in your AppHost with:

SetConfig(new HostConfig {
     DefaultContentType = MimeTypes.Json 

An issue when calling web services from a web browser is they can ask for Accept: text/html and not JSON which by contract ServiceStack obliges by returning back HTML if it is enabled.

To ensure JSON is returned you can disable the HTML feature with:

SetConfig(new HostConfig {
    EnableFeatures = Feature.All.Remove(Feature.Html),