No 'Access-Control-Allow-Private-Network' header was present in the preflight response

PeculiarVentures / fortify

Fortify enables web applications to use smart cards, local certificate stores and do certificate enrollment. This is the desktop application repository.

https://fortifyapp.com

Other

113 stars 32 forks source link

No 'Access-Control-Allow-Private-Network' header was present in the preflight response #571

Open PedroSouzaSRS opened 8 months ago

PedroSouzaSRS commented 8 months ago

Hello everyone.

I have the following error when accessing tools.fortifyapp.com:

Access to fetch at 'https://127.0.0.1:31337/.well-known/webcrypto-socket' from origin 'https://tools.fortifyapp.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Private-Network' header was present in the preflight response for this private network request targeting the local address space.

Browser: Google Chrome 122.0.6261.112

Does anyone have an idea how to solve it?

donskov commented 8 months ago

Hello @PedroSouzaSRS. What version of Fortify are you using?

PedroSouzaSRS commented 8 months ago

Hello @donskov. Version 1.8.4

donskov commented 8 months ago

@PedroSouzaSRS It seems that your browser does not trust the resource that Fortify is sending requests to. Try to:

remove the your home directory/.fortify folder.
remove and install again Fortify.

PedroSouzaSRS commented 8 months ago

@donskov I followed the recommended process but it didn't work.

Wouldn't it be necessary for Fortify to respond to the request with the "access-control-allow-private-network" header with the value "true"?

I verified that this header is not actually present in the preflight response.