search

openMF / web-self-service-app

Web app for clients to access and directly interact with their own accounts using Apache Fineract Self-Service APIs
http://openmf.github.io/web-self-service-app/
MIT License
33 stars 105 forks source link

CORS Missing Allow Origin #181

Open francisguchie opened 2 years ago

francisguchie commented 2 years ago

##Description Currently, client-side scripts (e.g., JavaScript) are prevented from accessing much of the Web of Linked Data due to "same origin" restrictions implemented in all major Web browsers. While enabling such access is important for all data, it is especially important for Linked Open Data and related services; without this, our data simply is not open to all clients. If you have public data which doesn't use require cookie or session based authentication to see, then please consider opening it up for universal JavaScript/browser access. read more here https://www.w3.org/wiki/CORS_Enabled#What_is_CORS_about.3F CORS

##Steps to reproduce Follow the steps in https://github.com/openMF/web-self-service-app#readme to run a web self service server / app Make sure your fineract server is up and running MifosX 17.07.01 (NOT the LATEST BUILD it has other issues https://github.com/openMF/web-self-service-app/issues/180)

##Expected Behaviour Fineract Should be able to allow Cross Origin Resource Sharing or at least a web application request from your allowed server

##Actual Behaviour looking at the console logs You will get the following

XHRPOSThttps://yourserver/fineract-provider/api/v1/self/authentication?password=password&username=selfserviceuser CORS Missing Allow Origin

{"timestamp":1633262267311,"status":401,"error":"Unauthorized","message":"User not authorised to use the requested resource."}

##Settings: Mozilla Firefox Microsoft Edge

MifosX 17.07.01

Screenshots/GIFs, if any:

Please attach screenshots/GIFs of the error/issue.

francisguchie commented 2 years ago

@rrpawar96 @Blasan Have you seen this https://issues.apache.org/jira/browse/FINERACT-879

francisguchie commented 2 years ago

@BLasan, using this PR https://github.com/openMF/web-self-service-app/pull/182 I can connect to the latest build with no CORS errors. But look at the new developments https://github.com/openMF/web-self-service-app/issues/180#issuecomment-933938606

francisguchie commented 1 year ago

@vorburger & @vishwasbabu

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://apacheFineractServerDomain-Or-IP/fineract-provider/api/v1/self/clients. Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 401 I have been faced with this issue a number of times I have also done some amount of reading,

My personal conclusion is that it would be nice to upgrade this repo to Angular since AngularJS has not support for CORS headers

rio-raj-006 commented 6 months ago

@francisguchie Hi, Is it possible to connect this application to fineract? because, I can't able to login. I got the same error "{"timestamp":1633262267311,"status":401,"error":"Unauthorized","message":"User not authorised to use the requested resource."}"