1

Today I attempted to browse a new feature recently deployed to our testing environment (NOT LOCAL). After navigating to the new feature I was met with a blank page. Confused, I checked Chrome's console and found an error:

XMLHttpRequest cannot load https://test.mytestsite.com/SomeApplication/api/SomeController/SomeMethod/8?Id=523283&SecondId=1612w3426653. 
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://test.mytestsite.com' is therefore not allowed access.

This code makes an ajax call to a WebAPI (on the same domain) to retrieve some information on document.Ready. I understand the error and I'm familiar with it's typical cause. However, this call is being made from within the same domain AND it works for the other developers on my team.

Symptoms: - Does not work for IE or Chrome/Incognito - Does work for FireFox - Works on all browsers for at least 4 other developers on the same domain that I reside on. (Indicating to me that this is an environmental issue)

Possible causes: - I was doing some CORS research several weeks ago and perhaps I configured some Windows 7 setting to cause this to happen?

Google is saturated with the standard CORS issues, so I'm asking here and hopefully someone can help.

alan
  • 6,705
  • 9
  • 40
  • 70
  • 1
    `http` & `https` that is the problem. – epascarello Nov 18 '13 at 19:01
  • @epascarello That's what I thought as well, but as I mentioned this works in FireFox and also for all other developers (using IE, Chrome, and FireFox) in my office. – alan Nov 18 '13 at 19:02
  • 1
    Is the https verified in Chrome and IE? AKA, open up the browser and type in the https url you are using. Does it prompt you to verify an untrusted cert? – epascarello Nov 18 '13 at 19:05
  • You were right! Our site is supposed to enforce SSL only, I guess that's not the case on our testing environment. Changing the URL to https: worked. Thank you! If you post this as an answer I'll gladly mark it as such. – alan Nov 18 '13 at 19:08

1 Answers1

0

The issue at hand was due to inconsistencies between environments.

In our production environment SSL is enforced with a redirect in IIS, while in our testing environment it is not. I was navigating to the site via a bookmark using http. Updating the bookmark, as @epascarello suggested, fixed the problem.

alan
  • 6,705
  • 9
  • 40
  • 70