Closed PhilWun closed 2 years ago
The problem is still happening. It seems like Firefox does a preflight request with OPTIONS and the response contains only these headers:
HTTP/1.1 204 No Content allow: GET, OPTIONS server: ballerina date: Mon, 23 May 2022 07:52:01 GMT
Chrome doesn't seem to do an OPTIONS request and sends directly a GET request. The response of the GET request contains all necessary headers.
This should now be finally fixed once and for all (until we discover a new header that needs to be allowed for cors).
For the future: The firefox console lists which header is not allowed and thus blocks the cors request. This info is not shown in the network analysis tab...
When trying to visualize a CSV file the request to the backend fails because of a missing
Access-Control-Allow-Origin
header. Specifically the request tohttp://localhost:9090/experiments/1/data/PositiveSubset5.csv/download?version=1
fails. This appears to happen in Firefox and Safari.The console shows the following error
One difference is that Firefox and Safari set
Origin: http://localhost:5005
while Vivalid and Chrome don't set the Origin header.