Open chof747 opened 2 years ago
I'm also experiencing something strange
Access to fetch at 'http://192.168.188.99/status' from origin 'http://192.168.1.52:8087' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
ButtonPanel.tsx:147 GET http://192.168.188.99/status net::ERR_FAILED 200
onClick @ ButtonPanel.tsx:147
He @ react-dom.production.min.js:52
Ke @ react-dom.production.min.js:52
(anonymous) @ react-dom.production.min.js:53
Er @ react-dom.production.min.js:100
Sr @ react-dom.production.min.js:101
(anonymous) @ react-dom.production.min.js:113
Ie @ react-dom.production.min.js:292
(anonymous) @ react-dom.production.min.js:50
Rr @ react-dom.production.min.js:105
Jt @ react-dom.production.min.js:75
Xt @ react-dom.production.min.js:74
t.unstable_runWithPriority @ scheduler.production.min.js:18
Uo @ react-dom.production.min.js:122
Ne @ react-dom.production.min.js:292
$t @ react-dom.production.min.js:73
ButtonPanel.tsx:171 Request error: TypeError: Failed to fetch
at onClick (ButtonPanel.tsx:147:7)
at Object.He (react-dom.production.min.js:52:317)
at Ke (react-dom.production.min.js:52:471)
at react-dom.production.min.js:53:35
at Er (react-dom.production.min.js:100:68)
at Sr (react-dom.production.min.js:101:380)
at react-dom.production.min.js:113:65
at Ie (react-dom.production.min.js:292:189)
at react-dom.production.min.js:50:57
at Rr (react-dom.production.min.js:105:469)
i have currently set the authentication switch off but it seems like the panel is still enforcing proper cors rules. Can this be removed?
i had similar problems. seems that this was fixed, but not republished:
if (options.isAuth) {
fetchOpts.credentials = 'include';
requestHeaders.set('Authorization', 'Basic ' + btoa(options.username + ':' + options.password));
}
Can someone just republish this?
this is implemented in v7.0.25 but the published version (grafana.com) is v7.0.23. So any automated (e.g. via docker) or manual (via UI) fetches v7.0.23 by default.
would be great, if someone can publish v7.0.25 @ grafana.com
@derjust any chance we can republish to Grafana? Or is there a way someone else can? Would be great to use this. Thanks
When I try to execute a REST call to my home assistant server I get the following error from the preflight request:
Credentials flag is true, but Access-Control-Allow-Credentials is not "true".
I have configured my home assistant server with the correct
cors_allowed_origins
I am using the following headers:Authentication switch is turned off and the request is a POST request with a valid json which works fine if I try it with another HTTP client.