blocked by CORS policy #10197

timmackey created 3 years ago

ANZ 8.1.0 angular/.net core

Occasionally my ANZ app works when Published.

I make a small change, and then I get the following message from the client site in the Chrome debug console: Access to XMLHttpRequest at 'https://myapp-server.azurewebsites.net//AbpUserConfiguration/GetAll?d=1616355221806' from origin 'https://myapp-client.azurewebsites.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

The server app is able to display swagger login page. The error persists even after rolling back the change. What might be causing this? How can I diagnose the cause?

13 Answer(s)

0

ismcagdas created 3 years ago
Support Team

Hi @timmackey

This problem might not be related to CORS. Could you check your server side log file to see if there are any related error messages for this problem ?

If not, could you share your app's URL with [email protected] ?

Thanks,
0

timmackey created 3 years ago

reply sent via email.
0

gterdem created 3 years ago
Support Team

https://myapp-server.azurewebsites.net//AbpUserConfiguration/GetAll?d=1616355221806

Try removing / in your cors origin configuration.
0

timmackey created 3 years ago

Removed trailing / from "CorsOrigins", then from all string in .json files. Makes no difference. If you click on the links in the browser console message, both links return data from the server. If I have removed the wrong / please be more specific: file, line, column.
0

timmackey created 3 years ago

Added the "Allow CORS: Access-Control-Allow-Origin" browser extension to continue development. NOT A PERMANENT SOLUTION.

Logging in as 'admin' produced a lot of warnings. Log file sent via email.
0

timmackey created 3 years ago

Removing "appsettings.Staging.json" and "appsettings.Development.json" from the server, and making "aspsettings.Production.json" the same as "aspsettings.json" fixed the issue.

Submitted ticket #10212 to suggest a long-term solution.
0

timmackey created 3 years ago

'Publish' copies all appsettings.json files to wwwroot. If "CorsOrigins" is not identical for appsettings.Development.json and appsettings.Production.json and appsettings.json, the CORS error occurs. It appears that appsettings.Development.json is still being referenced from somewhere.
0

timmackey created 3 years ago

project files emailed to [email protected]
0

ismcagdas created 3 years ago
Support Team

Hi @timmackey

If there are some missing values in appsettings.Production.json, some values in appsettings.Development.json might be used. So, you can make sure that both config files contains all the configuration keys.

If that doesn't solve the problem, probably your app is not published in Release mode.
0

timmackey created 3 years ago

The app is published in Release mode. (publish profile in project submitted via email) Please review appconfig...json files in project (submitted via email).
0

ismcagdas created 3 years ago
Support Team

Hi @timmackey

Thanks, we got the project now and will check it.

Thanks,
0

timmackey created 3 years ago

Wondering if any progress has been made in determining a solution?
0

timmackey created 3 years ago

ANZ Team:

It's been almost 3 weeks since I sent my project to you. Wondering what the ETA is for a solution?

This issue is related to #10212. Resolving this issue will close 2 issues.

Have an answer to this question? Log in and write your answer.