CORS Policy Set to Wildcard but still showing restrictions | Community
Skip to main content
M
Mark_Zellner
January 29, 2019
Solved

CORS Policy Set to Wildcard but still showing restrictions

  • January 29, 2019
  • 9 replies
  • 2535 views

Hello All,

I am running into an issue where I am trying to do some testing on my local machine and I have an author and publish server currently running. For testing I have set the CORS policy to be a wildcard so that I can reference AEM components and html from my local machine. The problem is I am still getting the CORS policy restrictions even though I have changed that configuration to "*" for a wildcard to accept everything.

I was wondering if there are any steps I have to take after updating the CORS policy for it to take affect.

Thanks advance!

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by Gaurav-Behl

    I don't see "Access-Control-Allow-Origin" in supported Headers in this configuration

    In addition to that, you may uncheck the supports credentials if you plan to access the content anonymously otherwise add more headers like "Access-Control-Allow-Credentials"

    In theory wildcard should work, but you may want to create another entry with exact origin as well "localhost:8885" since I haven't tested it with wildcard

    9 replies

    antoniom5495929
    antoniom5495929
    Level 7
    January 29, 2019

    Hi,

    which kind of issue are you facing? Could you add more details regarding the issue?

    Thanks,

    Antonio

    M
    Mark_ZellnerAuthor
    January 29, 2019

    I have a standalone HTML file that is referencing the HTML code from AEM and in the console I see that it is unable to be loaded due to CORS restrictions from "null" even though it should allow everything to access the HTML

    antoniom5495929
    antoniom5495929
    Level 7
    January 29, 2019

    Hi,

    could you share a screen of the error?

    Just to be sure.

    Thanks,

    Antonio

    M
    Mark_ZellnerAuthor
    January 29, 2019

    These are the errors I am seeing in console

    Gaurav-Behl
    Gaurav-Behl
    Level 10
    January 30, 2019

    The source doesn't have the headers enabled as mentioned in screenshot. Where did you set the wildcard?

    Follow this article to enable CORS at server if you are dealing with local apps accessing author/publish without dispatcher as mentioned in your case-

    Adobe Experience Manager Help | Understanding Cross-Origin Resource Sharing (CORS) with AEM

    Video - Adobe Experience Manager Help | Developing for Cross-Origin Resource Sharing (CORS) with AEM

    You don't need dispatcher configs since you access the publish directly.

    M
    Mark_ZellnerAuthor
    January 30, 2019

    HI gauravb10066713,

    I have it set up like this:

    M
    Mark_ZellnerAuthor
    January 30, 2019

    A bit confused by the XML examples, where would I find this configuration?

    Gaurav-Behl
    Gaurav-BehlAccepted solution
    Level 10
    January 30, 2019

    I don't see "Access-Control-Allow-Origin" in supported Headers in this configuration

    In addition to that, you may uncheck the supports credentials if you plan to access the content anonymously otherwise add more headers like "Access-Control-Allow-Credentials"

    In theory wildcard should work, but you may want to create another entry with exact origin as well "localhost:8885" since I haven't tested it with wildcard

      M
      Mark_ZellnerAuthor
      January 30, 2019

      Adding Access-Control-Allow-Origin in the supported headers did the trick! Thank you very much for your assistance!

      Terms & ConditionsAccessibility statement

      Loading footer...