hi! it seems that link is broken. 
The user was logged in host.
User user = null;
using (var t = new TransactionScope(TransactionScopeOption.Required, new TransactionOptions
{ IsolationLevel = System.Transactions.IsolationLevel.ReadUncommitted}))
{
{
user = await UserManager.GetUserByIdAsync(input.UserId);
}
}
Just fix it :) thx.
The request took around 21 secs, could that be a timeout?
I just tested 2 things... in the App Services I setted up CORS "*" and let webAPI core 2 project handle all by himself (just the appsettings.json)
Second I tried was changing the method to POST, but got same answer.
Preflight:
Request:
As you can see, this response header came without "Access-Control-Allow-Origin"
Chrome console: "Access to XMLHttpRequest at 'https://apiqa.masterpago.com/api/services/app/Orders/PostOrderApply' from origin 'https://frontqa.masterpago.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."
The problem is just getting triggered with ApplyOrder method (Update or Post I tried both) but each time everything works fine in server side but the response is getting back without the "Access-Control-Allow-Origin" in the header. This method at the end sent a confirmation email. So Im getting the email, checking the database and everything is working as expected but the request answer of the PUT/POST is wrong on browser cause' is missing that header.
This is part of a log file, but I dont see any errors. https://www.dropbox.com/s/o4g53fwh756kz4k/log.txt?dl=0
Gonna make it Post again and share data.
Without headers it did not work.
Now this is turning weirder. Some orders are accepted and some are rejected (without any error on BackEnd). Look at this:
-preflight:
-request response:
As you can see, this response header came with"Access-Control-Allow-Origin"
-request payload: {"id":3249,"eventChartKey":"250fc649-ba7a-4a38-a59c-7aec90a91b10","totalCost":"12000","userId":14,"bankTransactionId":"4386639813","orderStatusId":2,"orderTypeId":1,"serviceCost":1000,"orderTokenId":"7871d6f7ae","holdToken":"3a103c8d-2fdf-43d4-bb2c-f7d9e2ec3eab","soldTickets":[{"seatId":"MEZCLA-32-1","category":"VIP","categoryKey":2,"categoryLabel":"VIP","soldDate":"2018-11-19T17:49:10.017Z","label":"MEZCLA-32-1","orderId":3249,"own":"1","parent":"32","eventChartKey":"250fc649-ba7a-4a38-a59c-7aec90a91b10","isTicketUsed":false,"id":null,"ticketPrice":12000,"categoryExtraCost":3750,"objectType":"Seat","section":"MEZCLA","qrCode":null,"statusTicket":"reservedByToken"}]}
-preflight:
-request response:
As you can see, this response header came without "Access-Control-Allow-Origin"
-request payload: {"id":3250,"eventChartKey":"7632b7dc-8d4d-471b-9fee-a8dba5460b3b","totalCost":"68000","userId":14,"bankTransactionId":"4386651750","orderStatusId":2,"orderTypeId":1,"serviceCost":1000,"orderTokenId":"ae967745c1","holdToken":"c63d6584-5aad-4f4b-b975-d405b6cb2db7","soldTickets":[{"seatId":"MEZCLA-GG-17","category":"Platea","categoryKey":4,"categoryLabel":"Platea","soldDate":"2018-11-19T17:52:38.927Z","label":"MEZCLA-GG-17","orderId":3250,"own":"17","parent":"GG","eventChartKey":"7632b7dc-8d4d-471b-9fee-a8dba5460b3b","isTicketUsed":false,"id":null,"ticketPrice":17000,"categoryExtraCost":1000,"objectType":"Seat","section":"MEZCLA","qrCode":null,"statusTicket":"reservedByToken"},{"seatId":"MEZCLA-FF-17","category":"Platea","categoryKey":4,"categoryLabel":"Platea","soldDate":"2018-11-19T17:52:38.927Z","label":"MEZCLA-FF-17","orderId":3250,"own":"17","parent":"FF","eventChartKey":"7632b7dc-8d4d-471b-9fee-a8dba5460b3b","isTicketUsed":false,"id":null,"ticketPrice":17000,"categoryExtraCost":1000,"objectType":"Seat","section":"MEZCLA","qrCode":null,"statusTicket":"reservedByToken"},{"seatId":"MEZCLA-EE-17","category":"Platea","categoryKey":4,"categoryLabel":"Platea","soldDate":"2018-11-19T17:52:38.927Z","label":"MEZCLA-EE-17","orderId":3250,"own":"17","parent":"EE","eventChartKey":"7632b7dc-8d4d-471b-9fee-a8dba5460b3b","isTicketUsed":false,"id":null,"ticketPrice":17000,"categoryExtraCost":1000,"objectType":"Seat","section":"MEZCLA","qrCode":null,"statusTicket":"reservedByToken"},{"seatId":"MEZCLA-DD-17","category":"Platea","categoryKey":4,"categoryLabel":"Platea","soldDate":"2018-11-19T17:52:38.927Z","label":"MEZCLA-DD-17","orderId":3250,"own":"17","parent":"DD","eventChartKey":"7632b7dc-8d4d-471b-9fee-a8dba5460b3b","isTicketUsed":false,"id":null,"ticketPrice":17000,"categoryExtraCost":1000,"objectType":"Seat","section":"MEZCLA","qrCode":null,"statusTicket":"reservedByToken"}]}
I tried to do it changing the Method to Post but was useless... Im gonna delete the headers again base on your response " You don't need to set the request header." and ill let you know
So why is web API core 2 project proccesing all, but, browser raising an error?
Based on what I´ve been reading and your screenshot thats a preflight request and is 200 ok, it seems everything is ok. I got that look:
But the real request is what doesn't work for the browser but the request is being processed
Access to XMLHttpRequest at 'https://apiqa.masterpago.com/api/services/app/Orders/UpdateOrderApply' from origin 'https://frontqa.masterpago.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
