I’m encountering a CORS (Cross-Origin Resource Sharing) issue between my frontend Angular application and backend .NET API, both hosted within Azure Container Apps. Despite various attempts to configure CORS settings, the error persists. Here’s the setup:

Frontend: Angular application
Backend: .NET API
Hosting: Both applications are deployed within the same Azure Container App environment.
The backend API’s ingress is configured to be internal to the Azure Container Apps environment, yet I’m consistently facing CORS errors when attempting to access the API from the frontend.

Here’s what I’ve tried so far without success:

Configuring CORS settings in the Container App: I’ve attempted to set up CORS settings within the Azure Container App configuration, but the error persists.

Configuring CORS settings in the backend .NET API (program.cs): I’ve also tried configuring CORS directly within the .NET API’s code in the program.cs file, but this hasn’t resolved the issue either.

options.AddPolicy("AllowProd", builder => 
    builder.WithOrigins("<FRONTEND_URL>")
    .AllowAnyHeader()
    .AllowAnyMethod());

Proxy Configuration: Additionally, I’ve experimented with setting up a proxy configuration in the Nginx configuration of the Azure Container App, hoping to circumvent the CORS issue, but to no avail.

server {
    listen 80;
    sendfile on;
    default_type application/octet-stream;

    # Gzip configuration
    gzip on;
    gzip_http_version 1.1;
    gzip_disable "MSIE [1-6].";
    gzip_min_length 256;
    gzip_vary on;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    gzip_comp_level 9;

    root /usr/share/nginx/html;

    location / {
        try_files $uri $uri/ /index.html =404;
    }

    location /api/ {
        proxy_pass <BACKEND_URL>;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;
        send_timeout 60s;

        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept, Authorization';
    }
}

Despite these efforts, I’m still encountering the CORS error. Can anyone provide insights into why this might be happening and suggest potential solutions? If further information is needed to diagnose the problem, please let me know.

Thank you in advance for any assistance.