Skip to content
This repository has been archived by the owner on May 5, 2022. It is now read-only.

Charts on dashboard are empty due to missing CORS headers #704

Open
stefanb opened this issue Jun 21, 2018 · 1 comment
Open

Charts on dashboard are empty due to missing CORS headers #704

stefanb opened this issue Jun 21, 2018 · 1 comment

Comments

@stefanb
Copy link
Contributor

stefanb commented Jun 21, 2018
edited
Loading

https://results.openaddresses.io/dashboard

Chrome reports:

dashboard:1 Failed to load https://s3.amazonaws.com/data.openaddresses.io/machine-stats.json: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://results.openaddresses.io' is therefore not allowed access.
dashboard:305 Uncaught TypeError: Cannot read property 'timeseries' of undefined
at Object. (dashboard:305)
at Object.t (d3.v3.min.js:1)
at XMLHttpRequest.i (d3.v3.min.js:1)
(anonymous) @ dashboard:305
t @ d3.v3.min.js:1
i @ d3.v3.min.js:1
load (async)
Cn @ d3.v3.min.js:1
ao.json @ d3.v3.min.js:5
(anonymous) @ dashboard:304
d3.v3.min.js:1 Cross-Origin Read Blocking (CORB) blocked cross-origin response https://s3.amazonaws.com/data.openaddresses.io/machine-stats.json with MIME type application/json. See https://www.chromestatus.com/feature/5629709824032768 for more details.
Cn.u.send @ d3.v3.min.js:1
u.(anonymous function) @ d3.v3.min.js:1
Cn @ d3.v3.min.js:1
ao.json @ d3.v3.min.js:5
(anonymous) @ dashboard:304

Firefox reports:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://s3.amazonaws.com/data.openaddresses.io/machine-stats.json. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
TypeError: data is undefined[Learn More]

Suggested fix: Add the missing CORS header to the AWS:
Access-Control-Allow-Origin: https://results.openaddresses.io/

EDIT: the real fix should take care also of plain http origin, not only https as suggested above
@stefanb stefanb changed the title Charts on dashboard empty Charts on dashboard are empty due to missing CORS headers Jun 21, 2018
@NelsonMinar NelsonMinar mentioned this issue Jun 4, 2019
Open
@stefanb
Copy link
Contributor Author

stefanb commented Jul 12, 2019
edited
Loading

This seems to have been fixed on https, but not http. See

The error in browser's console is:

Access to XMLHttpRequest at 'https://s3.amazonaws.com/data.openaddresses.io/machine-stats.json' from origin 'http://results.openaddresses.io' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://results.openaddresses.io' that is not equal to the supplied origin.

Either redirect everything to https or fix headers for the http service as well.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@stefanb