HttpErrorResponse status 0 on 401 error due to missing Origin header in Angular

[mrmoein]

Description: When making an HTTP request that results in a 401 Unauthorized error in Angular, the HttpErrorResponse status is returned as 0 instead of 401. This issue occurs when the Origin header is missing from the request. Although the Origin header is configured, it is not applied correctly in the case of the 401 error.

Solution: Adding the following middleware to the backend resolves the issue:

app.UseAuthentication();
app.UseAuthorization();

Once this is added, the Origin header is correctly applied, and the 401 error status is properly returned in the Angular application.

Expected Behavior: The Origin header should be included and properly applied to the request. The HttpErrorResponse should show a 401 status when an unauthorized request is made.

Actual Behavior: The Origin header is not applied, and the status code in the error response is 0.

Additional Question: Is adding this middleware (app.UseAuthentication(); and app.UseAuthorization();) safe, or does it introduce unnecessary overhead to the application?