i am using hls/dash for video streaming using azure akamai cdn but every time its getting failed due to CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource
i config cors into my storage account but i am unable to stream video
<Cors>
<CorsRule>
<AllowedOrigins>*</AllowedOrigins>
<AllowedMethods>GET,HEAD,OPTIONS</AllowedMethods>
<AllowedHeaders>*</AllowedHeaders>
<ExposedHeaders>server,range</ExposedHeaders>
<MaxAgeInSeconds>3000</MaxAgeInSeconds>
</CorsRule>
<Cors>
is their any other way to config cors in cdn
Akamai CDN doesn’t have CORS settings and it will pass all headers from the Origin. So, as long as the origin returns CORS headers and CDN Edge Server has not cached the old resource, it will return CORS headers.
Related
I have a CloudFront distribution that forwards all requests to API Gateway. I want my CloudFront distribution to forward all viewer headers to API Gateway.
I tried adding the managed AllViewer Origin request policy, but when sending a request to the distribution, I get { "message": "Forbidden" }.
I found out from a different Stack Overflow question that the reason that happens is because of the Host header being the cloudfront domain that is forwarded to my API gateway.
I tried adding a custom Host header to the cloudfront distribution to fix the issue, but the Host header is one of the custom headers that CloudFront can’t add to origin requests.
How can I forward all request headers to the API Gateway without specifying each one individually in a custom origin request policy?
I am trying to connect a SOAP service from frontend,
Because of "cors policy blocked" I am using Local Cors Policy which is described here;
"https://www.npmjs.com/package/local-cors-proxy"
I can see that request is getting proxied so no any errors.
"Request Proxied -> /Servis/SiparisServis.svc"
But I am still getting this error;
"Access to XMLHttpRequest at 'https://www.myurl.com/Servis/SiparisServis.svc' (redirected from 'http://localhost:8010/proxy/Servis/SiparisServis.svc') from origin 'http://123.0.0.1:2300' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource."
Any solution ?
I can provide my codes if needed.
I am trying to fetch the metadata I stored on NFT.storage using axios, but each time I get this error:
Access to XMLHttpRequest at 'ipfs://bafyreib6hf354pwtnwxdmfllegogffvkv2dzsrgbithvjbzzewu757bxay/metadata.json' from origin 'http://127.0.0.1:3000' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, chrome-untrusted, https.
I have solved this issue many times when I used to do web2 development but don't know how to do this here.
You cannot directly access ipfs:// prefixed content from a normal browser or js. Instead, you'd have to access it through a gateway.
Some popular gateways are ipfs.io, pinata, moralis..
This is an example usage of an ipfs gateway:
https://ipfs.io/ipfs/bafyreib6hf354pwtnwxdmfllegogffvkv2dzsrgbithvjbzzewu757bxay/metadata.json
Try making your axios request to this url
As I got CORS errors from a website I develop localy, I would like to disable CORS for testing. But there is only an enable switch (which I tried to solve the CORS error).
It is strange as even after manually enabling CORS with Access-Control-Allow-Origin '*', I still get this error:
from origin 'http://localhost:8080' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource
-- added --
I got a bit further in using CORS by hints from this post:
Fail to enable CORS for API Gateway functions
It is not enough to enable CORS, but also to add those extra header information.
Anyway, how to disable the CORS afterwards would still be the question.
I developped an application NUXTJS with a backend in Symfony. I deploy an API REST that allows me to talk beetween front and back. Everything work in local.
I want to deploy this on my host.
So I created two subdomains : one for my front and one for my backend.
So when I try to access to my application, I try to connect but I have these two errors CORS :
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://mysubdomain.domain.fr/api/login_check. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
And
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://mysubdomain.domain.fr/api/login_check. (Reason: CORS request did not succeed).
How can I fix this ?
Thanks a lot
You need to enable CORS by specifying the nextjs domain, not the api domain. If you want to be sure you can also allow all domain by using a *. But this reduces security a bit.
If you really want to be secure, you could add a proxy to your nextjs server, which proxies to your Symfony application. For example, in your NextJS application, proxy /api to the Symfony application hostname.
This way you don't need to enable CORS at all.
If you use Api Platform you may need to configure the CORS_ALLOW_ORIGIN variable in your .env file 😁