services.AddCors(options =>
{
options.AddPolicy("AnotherPolicy", builder =>
{
builder.AllowAnyHeader()
.AllowAnyMethod()
.AllowAnyOrigin()
.AllowCredentials()
.WithExposedHeaders("user"); // params string[]
});
});
[EnableCors("AnotherPolicy")]
public async Task<string> Test()