0

I am trying to communicate with an app that is hidden behind an Azure Web Proxy/Active Directory setup.

I have tried the following so far:

  1. Written an app in Ionic (Angular)

  2. Set up Ionic's AuthConnect plugin so I am able to get hold of an access token from AD

  3. Set the access token in an 'Authorization' header which this link appears to suggest

  4. Send POST requests which works fine with any other API, just not the one behind the Web Proxy

  5. Tried to set up IIS CORS module on the server-side. I have attached an image of the current config below.

  1. When I try to send a POST request to the Web Proxy app URL, I get a 403 forbidden error on the preflight request.

  2. I'm getting the error "Access to XMLHttpRequest at 'https://www.testurl.com/test' from origin 'http://localhost:8100' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource."

Is anyone able to point me in the right direction please? Any help would be greatly appreciated.

user1138966
  • 211
  • 6
  • 16

1 Answers1

0

You might be facing CORS (Cross-Origin Resource Sharing) issues. You should try turning off CORS in whichever browser you are using. Also, as the error statement says, “No ‘Access-Control-Allow-Origin’ header is present on the requested resource”, you should check the domain or site from where you are sending a POST request to your web proxy app url and whether CORS is disabled/bypassed for your web proxy resource or not. Try sending a POST request from your domain only, not from outside or another domain with CORS enabled.

Also, might be you are sending a POST request from a ‘http’ web server which doesn’t has an SSL certificate installed, so try installing an SSL certificate on your local host and then send a POST request.

You can also check the app virtual directory permissions for web proxy resource access and correct accessibility as you have received a forbidden 403 error while accessing the web app page.

Please refer below threads for more clarification on your issue: -

Response to preflight request doesn't pass access control check

Access to XMLHttpRequest has been blocked by CORS policy

How does Access-Control-Allow-Origin header work?

Thanking you,

Kartik Bhiwapurkar
  • 4,550
  • 2
  • 4
  • 9