Title of this article I have took from here.

If you are receiving a message like:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://test:2021/api/values. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)
This means that you have to enable CORS (since 2014)

In my case I have created new ASP.NET Core WebApi on the link http://test:2021/api/values, and I was accessing that link from http://gallery.milosev.com:9090.

Open Startup.cs:

First add line:

readonly string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
Then:
public void ConfigureServices(IServiceCollection services)
{
  services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

  services.AddCors(options =>
  {
	options.AddPolicy(MyAllowSpecificOrigins,
	builder =>
	{
	  builder.WithOrigins("http://gallery.milosev.com:9090");
	});
  });
}
Here notice: http://gallery.milosev.com:9090, and at the end:
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
  if (env.IsDevelopment())
  {
	app.UseDeveloperExceptionPage();
  }
  else
  {
	app.UseHsts();
  }

  app.UseCors(MyAllowSpecificOrigins);
  app.UseHttpsRedirection();
  app.UseMvc();
}
Whole Startup.cs:
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace EnableCORS
{
  public class Startup
  {
    public Startup(IConfiguration configuration)
    {
      Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    readonly string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
      services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

      services.AddCors(options =>
      {
        options.AddPolicy(MyAllowSpecificOrigins,
        builder =>
        {
          builder.WithOrigins("http://gallery.milosev.com:9090");
        });
      });
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
      if (env.IsDevelopment())
      {
        app.UseDeveloperExceptionPage();
      }
      else
      {
        app.UseHsts();
      }

      app.UseCors(MyAllowSpecificOrigins);
      app.UseHttpsRedirection();
      app.UseMvc();
    }
  }
}