Closed gallayl closed 7 years ago
Note to dev: see ODataHandler processrequest method for the correct response to an options request.
Update and migrate the CORS documentation to github.io while we're at it. :) 👍
Updating/migrating docs to this repo is done, moving to the final github.io is another task.
@herflis pls move it move it
We're unable to log in into a sensenet ECM (Using Sensenet.Services 7.0.0-beta2 and Sensenet.WebPages 7.0.0-beta1 site with JWT authentication, using CORS.
Steps to reproduce:
Deny cross-site access
from your sitenpm i
./src/app/app.module.ts
npm run start
http://localhost:4200
, open network toolbar and try to log inActual behavior
The OPTIONS preflight request to
https://sn-local/sn-token/login
, returns a 404. Chrome error:The mentioned header is not present.
There is an another HTTP request to an OData endpoint that tries to fetch contents from the repository. It contains the access-control-allow-methods and access-control-allow-origin headers
If you build the same Angular application and upload the bundle, the login works.
It seems that the login request picks up different options than the request to the OData endpoint in the terms of CORS settings.