Dear Community User! We have started the migration process.
This community is now in READ ONLY mode.
Read more: Important information on the platform change.

cancel
Showing results for 
Search instead for 
Did you mean: 
SOLVED

CORS Preflight requests require Authorization

CORS Preflight requests require Authorization

lg-lima
Established Member

Hi colleagues,

I have developed an external webserver that requests some data from ctrlX Datalayer using REST API. Since version 01V20, I'm now having some issues whenever preflight requests are triggered (specifically when not 'simple' (MDN Term) requests are made to the API).

Seems to me, that the Datalayer API is requiring 'Authorization' header even for OPTIONS request, which is not right. We have no control over the CORS request to add such header, this is automatically done by the browser.

https://stackoverflow.com/a/52072116

https://stackoverflow.com/a/40723041

lglima_0-1687404628768.png

lglima_1-1687404636942.png

4 REPLIES 4

lg-lima
Established Member
One additional comment. This does not happens when using the reverse proxy.

nickH
Community Moderator
Community Moderator

Hi, 

I was able to reproduce the issue. I forwarded it internally. If you got more information on this feel free to share. A private message is also possible. 

lg-lima
Established Member

Additional information. Different APIs handle OPTIONS requests differently.

Authorization API to request token authentication works as expected.

Preflight is triggered -> API response is 204 (Success - No Content)

Datalayer API to read nodes from datalayer doesn't.

Preflight is triggered -> API response is 401 (Error - Unauthorized)

nickH
Community Moderator
Community Moderator

Hi, 

I got an update for you on this issue. This should be fixed with the next patch of V1.20 (relese is next week) and with the release of V2.02. 

Best regards, 

Nick

Icon--AD-black-48x48Icon--address-consumer-data-black-48x48Icon--appointment-black-48x48Icon--back-left-black-48x48Icon--calendar-black-48x48Icon--center-alignedIcon--Checkbox-checkIcon--clock-black-48x48Icon--close-black-48x48Icon--compare-black-48x48Icon--confirmation-black-48x48Icon--dealer-details-black-48x48Icon--delete-black-48x48Icon--delivery-black-48x48Icon--down-black-48x48Icon--download-black-48x48Ic-OverlayAlertIcon--externallink-black-48x48Icon-Filledforward-right_adjustedIcon--grid-view-black-48x48IC_gd_Check-Circle170821_Icons_Community170823_Bosch_Icons170823_Bosch_Icons170821_Icons_CommunityIC-logout170821_Icons_Community170825_Bosch_Icons170821_Icons_CommunityIC-shopping-cart2170821_Icons_CommunityIC-upIC_UserIcon--imageIcon--info-i-black-48x48Icon--left-alignedIcon--Less-minimize-black-48x48Icon-FilledIcon--List-Check-grennIcon--List-Check-blackIcon--List-Cross-blackIcon--list-view-mobile-black-48x48Icon--list-view-black-48x48Icon--More-Maximize-black-48x48Icon--my-product-black-48x48Icon--newsletter-black-48x48Icon--payment-black-48x48Icon--print-black-48x48Icon--promotion-black-48x48Icon--registration-black-48x48Icon--Reset-black-48x48Icon--right-alignedshare-circle1Icon--share-black-48x48Icon--shopping-bag-black-48x48Icon-shopping-cartIcon--start-play-black-48x48Icon--store-locator-black-48x48Ic-OverlayAlertIcon--summary-black-48x48tumblrIcon-FilledvineIc-OverlayAlertwhishlist