dotnet

Swagger and https

Mark Andrews

19 Mar 2018 • 1 min read

Swagger is great for documenting APIs, and installs easily via Nuget.

However, it can be problematic over https, with an error "Can't read from server. It may not have the appropriate access-control-origin settings.".

The solution

The page is being loaded with the https:// protocol, however, Swagger UI is loading the API via http:// so there is a mismatch. Change the URL in the box above, click "explore", and it will work.

It is annoying to do this every time, and expect users to do it as well.

An automated solution

I can't remember where I found this solution, so can't reference it, but here it is. Add this to the SwaggerConfig.cs file:

private static string ResolveBasePath(HttpRequestMessage message)
{
    var virtualPathRoot = message.GetRequestContext().VirtualPathRoot;

    var schemeAndHost = "https://" + message.RequestUri.Host;
    return new Uri(new Uri(schemeAndHost, UriKind.Absolute), virtualPathRoot).AbsoluteUri;
}

// Excluding local env which is http only
if (!ConfigurationManager.AppSettings["Environment"].ToLower().Equals("local"))
{
    c.RootUrl(ResolveBasePath);
}