Requests to Cal's Platform api fail if the Origin header isn't properly set or if the origin header isn't set as a redirectUri.
Before, we issues some custom fetch calls from the server setting the Origin header to an environment variable (domain to which we deploy).
This now changes, as the above mentioned check only applies if the header is provided (which is the case in the browser). However, on the server, we don't have to set any Origin header.
Problem
fetch errors because of "Invalid request origin" if the origin (set by the browser) isn't added to redirectUris in the settings
if the server has issues a fetch with a mismatching origin header, we may encounter unnecessary errors
What it does
Requests to Cal's Platform api fail if the
Origin
header isn't properly set or if the origin header isn't set as aredirectUri
.Before, we issues some custom fetch calls from the server setting the
Origin
header to an environment variable (domain to which we deploy).This now changes, as the above mentioned check only applies if the header is provided (which is the case in the browser). However, on the server, we don't have to set any
Origin
header.Problem