Sign in with

Dear Community User! We have started the migration process.
This community is now in READ ONLY mode.
Read more: Important information on the platform change.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
SOLVED

CORS Preflight requests require Authorization

Go to solution

CORS Preflight requests require Authorization

Go to solution
lg-lima
Established Member

‎06-22-2023 05:34 AM

Hi colleagues,

I have developed an external webserver that requests some data from ctrlX Datalayer using REST API. Since version 01V20, I'm now having some issues whenever preflight requests are triggered (specifically when not 'simple' (MDN Term) requests are made to the API).

Seems to me, that the Datalayer API is requiring 'Authorization' header even for OPTIONS request, which is not right. We have no control over the CORS request to add such header, this is automatically done by the browser.

https://stackoverflow.com/a/52072116

https://stackoverflow.com/a/40723041

lglima_0-1687404628768.png

lglima_1-1687404636942.png

0 Likes
Reply
4 REPLIES 4

Go to solution
lg-lima
Established Member

‎06-22-2023 05:42 AM

One additional comment. This does not happens when using the reverse proxy.
0 Likes
Reply

Go to solution
nickH
Community Moderator
Community Moderator
In response to lg-lima

‎06-26-2023 03:31 PM

Hi, 

I was able to reproduce the issue. I forwarded it internally. If you got more information on this feel free to share. A private message is also possible. 

0 Likes
Reply

Go to solution
lg-lima
Established Member
In response to nickH

‎06-27-2023 03:27 PM

Additional information. Different APIs handle OPTIONS requests differently.

Authorization API to request token authentication works as expected.

Preflight is triggered -> API response is 204 (Success - No Content)

Datalayer API to read nodes from datalayer doesn't.

Preflight is triggered -> API response is 401 (Error - Unauthorized)

0 Likes
Reply

Go to solution
nickH
Community Moderator
Community Moderator
In response to lg-lima

‎07-04-2023 03:27 PM

Hi, 

I got an update for you on this issue. This should be fixed with the next patch of V1.20 (relese is next week) and with the release of V2.02. 

Best regards, 

Nick

0 Likes
Reply

OK
OK
Icon--AD-black-48x48Icon--address-consumer-data-black-48x48Icon--appointment-black-48x48Icon--back-left-black-48x48Icon--calendar-black-48x48Icon--center-alignedIcon--Checkbox-checkIcon--clock-black-48x48Icon--close-black-48x48Icon--compare-black-48x48Icon--confirmation-black-48x48Icon--dealer-details-black-48x48Icon--delete-black-48x48Icon--delivery-black-48x48Icon--down-black-48x48Icon--download-black-48x48Ic-OverlayAlertIcon--externallink-black-48x48Icon-Filledforward-right_adjustedIcon--grid-view-black-48x48IC_gd_Check-Circle170821_Icons_Community170823_Bosch_Icons170823_Bosch_Icons170821_Icons_CommunityIC-logout170821_Icons_Community170825_Bosch_Icons170821_Icons_CommunityIC-shopping-cart2170821_Icons_CommunityIC-upIC_UserIcon--imageIcon--info-i-black-48x48Icon--left-alignedIcon--Less-minimize-black-48x48Icon-FilledIcon--List-Check-grennIcon--List-Check-blackIcon--List-Cross-blackIcon--list-view-mobile-black-48x48Icon--list-view-black-48x48Icon--More-Maximize-black-48x48Icon--my-product-black-48x48Icon--newsletter-black-48x48Icon--payment-black-48x48Icon--print-black-48x48Icon--promotion-black-48x48Icon--registration-black-48x48Icon--Reset-black-48x48Icon--right-alignedshare-circle1Icon--share-black-48x48Icon--shopping-bag-black-48x48Icon-shopping-cartIcon--start-play-black-48x48Icon--store-locator-black-48x48Ic-OverlayAlertIcon--summary-black-48x48tumblrIcon-FilledvineIc-OverlayAlertwhishlist