Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cross origin error #33

Closed
1 of 3 tasks
vdidushko opened this issue Apr 27, 2020 · 2 comments
Closed
1 of 3 tasks

Cross origin error #33

vdidushko opened this issue Apr 27, 2020 · 2 comments

Comments

@vdidushko
Copy link

vdidushko commented Apr 27, 2020
edited
Loading

Bug Report

Description

After executing the following query in browser's console

    cache: 'no-cache',
    credentials: 'include',
    headers: {
      'Authorization': 'Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
    },
    method: 'get',
    mode: 'cors',
    redirect: 'follow',
    referrer: 'no-referrer'
  };

  fetch('https://in.elastic.io/hook/5ea6a4c55d7ddd5e75eb4191', request);

it is throwing the following error message:

Access to fetch at 'https://in.elastic.io/hook/5ea6a4c55d7ddd5e75eb4191' from origin 'https://app.elastic.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

in.elastic.io/hook/5ea6a4c55d7ddd5e75eb4191:1 Failed to load resource: net::ERR_FAILED
5b62c919fd98ea00112d52e7#/w/58dcfe0f52f01e0019e7484e:1 Uncaught (in promise) TypeError: Failed to fetch

screenshot_67

Preconditions

  1. Create a new flow.
  2. Add Webhook component as trigger
  3. Add http reply component
  4. Add custom headers to http reply component
    Access-Control-Allow-Origin: "*"
    Access-Control-Allow-Methods: "GET"
  5. Turn on 'real time' flow
  6. Start the flow

Environment

  • Great Moraq (development)
  • Essos (stage)
  • Westeros (production)

Steps to Reproduce

  1. Run the created flow.
  2. Execute early mentioned query in browser's console with the authorization header as in Webhook step.
  3. Observe the error message.

Actual Result

Access to fetch at 'https://in.elastic.io/hook/5ea6a4c55d7ddd5e75eb4191' from origin 'https://app.elastic.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

in.elastic.io/hook/5ea6a4c55d7ddd5e75eb4191:1 Failed to load resource: net::ERR_FAILED
5b62c919fd98ea00112d52e7#/w/58dcfe0f52f01e0019e7484e:1 Uncaught (in promise) TypeError: Failed to fetch

Expected Result

Status code 200 OPTIONS
@vdidushko
Copy link
Author

Most likely can be reproduced with any authorization method.

@jhorbulyk
Copy link
Contributor

Closing in favor of https://eio.productboard.com/feature-board/2273350-planning-board/features/8357891/detail

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jhorbulyk @vdidushko