kendo-upload doesn't send 'Origin' header for cross-site requests

[vaheprog]

Hi,

My Client and Backend have different domains and because of that the file upload doesn't work.
Per documentation kendo-upload must send cookies and headers for cross-site requests if withCredentials binding is true and by default it is true.

I have following code:

<kendo-upload [(ngModel)]="uploadedFiles"
[saveUrl]="'/api/Attachment/ChunkSave'"
[chunkable]="{size: 1048576}"
[showFileList]="true"
[autoUpload]="true"
[multiple]="true">

And when I select a file it doesn't send 'Origin' in the header.

Do you have any workaround for now as this is a production bug and users can't upload any file.

[Raisolution]

Hi @vaheprog ,

The 'origin' header is added automatically by the browser to each cross-domain request. This is not related to the value of the withCredentials property of the Upload component. In the current scenario I would suggest to check the server side configuration in order to validate that CORS requests are enabled and that the correct Access-Control-Allow-Origin response header is sent back.

[vaheprog]

CROS requests are enabled. All API calls from UI have 'origin' request header but when kendo-upload component does API request the 'origin' is missing in request header.

[Raisolution]

Hi @vaheprog

The Origin header is added automatically by the browsers to cross-domain requests. It is hard to determine what is causing the current behavior without inspecting a runnable example.
For further assistance with the implementation of this specific scenario please open a support ticket.