CODEWITHSUNDEEP
javascriptajax
Randy Minder
Randy Minder

Reputation: 48402

Cross Origin Resource Sharing (CORS) Error - Can this be blocked at the client?

I have a web app that performs several CORS operations using $.getJSON AJAX calls. Normally, on most client browsers, this works fine because the server my app is hitting has CORS enabled. However, I noticed today when I attempt to run my app on a client (using IE 11) in a corporate environment with fairly stringent security in place, my CORS attempts are failing, with the following error:

enter image description here

If the image cannot be read, there are a couple errors. 

One is SEC7118 (CORS operation
One is SEC7127 (Redirect was blocked) and 
Script7002 (XMLHTTPRequest: Network error 0x2ef1.

So, is it possible a client network can prevent CORS operatons?

Upvotes: 1

Views: 3896

Answers (2)

César Augusto
César Augusto

Reputation: 734

I had an error in an AngularJS application, simple but using directives. The resolution was as follows.

Creating a file staticwebapp.config.json in the root of the repo and adding the following config worked:

{
  "globalHeaders": {
    "Access-Control-Allow-Origin": "*",
    "Access-Control-Allow-Methods": "GET, OPTIONS"
  }
}

Publish your application and re-test. successfully solved! Below how my AngularJS is project to project

enter image description here

Upvotes: 0

Bergi
Bergi

Reputation: 664494

Yes. The corporate network can block everything it wants, and it might be the case that an over-restrictive firewall strips the CORS headers (aka "everything it doesn't know") from the HTTP request/response.

Upvotes: 2

Related Questions