Reputation: 94
Header Access-Control-Allow-Headers has an invalid value
On iOS 14, while testing the upgrade of my cordova app to WkWebView, a GET request triggered the following error
Failed to load resource: Header Access-Control-Allow-Headers has an invalid value: "Accept, Accept-Encoding, Accept-Language, Authorization, Cache-Control, Connection, Content-Type, Host, my-custom-header, my-custom-header-two, Origin, Pragma, User-Agent"
This is how my backend is configured:
Access-Control-Allow-Headers: "Accept, Accept-Encoding, Accept-Language, Authorization, Cache-Control, Connection, Content-Type, Host, my-custom-header, my-custom-header-two, Origin, Pragma, User-Agent"
This works just fine on iOS 12.
Upvotes: 0
Views: 844
Answers (1)
Reputation: 94
Removing the quotes in the header did the trick. Seems it was ok for iOS 12 but not for iOS 14.
Wherever you may set your Access-Control-Allow-Headers response header, don't put quotes in there
Access-Control-Allow-Headers: Accept, Accept-Encoding, Accept-Language, Authorization, Cache-Control, Connection, Content-Type, Host, my-custom-header, my-custom-header-two, Origin, Pragma, User-Agent
Note that Safari does not accept the wildcard for this CORS header, so you have specify every header you will ever send.
Hope this may help anyone encountering this.
Upvotes: 1
Related Questions
- Ionic 1 WkWebView iOS - Failed to load resource: Origin ionic://localhost is not allowed by Access-Control-Allow
- WkWebview local site Access Origin
- WKWebview Origin null is not allowed by Access-Control-Allow-Origin
- cordova ios 6.1.0 wkwebview some xhr POST fails
- Ionic CORS issue on iOS device, while correct headers are set
- iOS - WKWebView Cross origin requests are only supported for HTTP
- CORS header 'Access-Control-Allow-Origin' missing with AngularJS Web App
- Accessing secure endpoint from WKWebView loaded from local files
- IOS - CORS in WKWebView from local HTML file
- WKWebView - Failed to load resource: Origin null is not allowed by Access-Control-Allow-Origin