Closed vpet98 closed 1 year ago
In our case, we manage CORS policies in our web server (haproxy). Although I can see use cases where it's up to the webservice to declare the CORS policies, I would say we let this to the webserver, which, anyway would rewrite the headers (I suspect).
I enabled CORS for all origins to all our webservices. Could you give it a try ?
It's still giving me this error: Access to fetch at 'https://ws.resif.fr/eidaws/statistics/1/dataselect/public?start=2023-01&format=json' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I think it's right, because if you hit the URL in chrome browser and open the developer tools in the network tab, you will see no CORS header in the response headers.
CORS issue solved in webserver level, last commit deleted.
Fix issue #38
For the statistics dashboard to work in the right way, it seems we need to add allow CORS policy headers in the response of the webservice. Hope last commit does the job. It needs to be merged and then deployed and then I will test if it works or if I need to try something else. The current solution is to use a middleware API in react code, but it's dirty and probably slow. I guess it's better to be done with this before the Lugano meetings :)