Closed shraddharsh closed 6 years ago
Is there a way that we can disable this security so as to run it in every domain?
Hello
Thank you Regards Tomolimo
Hello @shraddharsh,
In order to complete my answer regarding disabling of CORS: In fact we are not exactly in a CORS issue, as CORS is about ajax calls across domains, but here we are facing javascript access of a DOM in an iFrame that are not in the same domain than the main form. In fact this javascript issue could be worked around using a postMessage mechanism. It's planed to go this way, but it needs a lot of developments (and of course of tests), and it will probably be done by end of this year (depending on other mandatory works that will be on my desk in the meanwhile). BUT anyway the current mechanism must work also in your environment. Please re-install 3.0.1.8-RE-1.8, and I will help you to fix your issue (troubleshoot is possible): I may connect to your servers to check that if you want (I did that already for several other PM end-users, and fixeed their troubles).
Thank you, Regards, Tomolimo
Hi @tomolimo , I have been trying to resolve this issue using apache configuration but to no avail. When trying to configure processmaker, I had to run it with a different port other than 80 since on port 80 glpi is configured.
Please find the configuration of processmaker below which I have done immense research and tried. ` <VirtualHost *:80>
DocumentRoot /opt/processmaker-server/workflow/public_html
\# Alias /processmaker "/opt/processmaker-server/workflow/public_html/"
ServerName shradd.unotech.com
\# ServerAlias processmaker.shrad.unotech.com
\# ServerAlias shrad.unotech.com/processmaker
DirectoryIndex index.html index.php
\# Header append X-Frame-Options ALLOWALL
\# Header always unset X-Frame-Options
\# Header always set X-Frame-Options "http://shrad.unotech.com"
\# Header always set X-Frame-Options "ALLOW-FROM http://shradd.unotech.com/
http://shrad.unotech.com"
<Directory /opt/processmaker-server/workflow/public_html/>
\# DocumentRoot /opt/processmaker/workflow/public_html
Options Indexes FollowSymLinks MultiViews
\# Options All
AddDefaultCharset UTF-8
AllowOverride All
Require all granted
ExpiresActive On
Order allow,deny
Allow from all
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^.*/(.*)$ glpi/app.php [QSA,L,NC]
</IfModule>
</Directory>
`
I believe for us to solve this issue we need to be using the same protocol, same domain as well as same port. I have even mentioned the code which I have tried and tested as commented.
Hello @shraddharsh
Normally, PM server can be run on a different port than the one of GLPI, but the protocol must be the same and must be HTTP (as currently HTPPS is not yet supported, it will in a near future).
In order to troubleshoot the issue, we need to use the development tools of your browser.
Thank you Regards, Tomolimo
Hi @tomolimo , First of all I'd like to apologise for a late reply, secondly I'm glad that you offered me help.
We tried to do some testing on our other servers and came across this issue and strangely changed some virtual host configurations and the issue was resolved. I believe the configuration of processmaker was not performed as mentioned on the website.
To answer your above points
Thank you, Regards, Shraddharsh.
Hi @tomolimo , I've been trying to configure processmaker but the CORS issue still persists i.e. opening the iframe in a different domain application (GLPI) than processmaker. Please note that I have done complete configuration of adding the same domain and using the processmaker with the plugin. Please find the screenshots below for your reference.
Processmaker version: 3.2.1 (Community release) Processmaker Plugin version: 3.2.8
Also Note: I have tried using the processmaker of your release but still face this issue.