Enabling CORS not working in AEM Cloud

Avatar

Avatar
Affirm 100
MVP
shelly-goel
MVP

Likes

246 likes

Total Posts

409 posts

Correct reply

105 solutions
Top badges earned
Affirm 100
Give Back 25
Ignite 3
Give Back 10
Validate 1
View profile

Avatar
Affirm 100
MVP
shelly-goel
MVP

Likes

246 likes

Total Posts

409 posts

Correct reply

105 solutions
Top badges earned
Affirm 100
Give Back 25
Ignite 3
Give Back 10
Validate 1
View profile
shelly-goel
MVP

07-07-2021

I have enabled CORS for a specific domain and supportsCredentials as true.Below screenshot from AEM dev instance config

shellygoel_1-1625817261320.png

 

I have also added CORS headers in dispatcher - clientheaders.any file

shellygoel_1-1625642495895.png

 

However, request to AEM server still throws CORS error and there are no response headers

Chrome Dev Tools gives this error:

Access to fetch at 'https://author-p24737-e166384.adobeaemcloud.com/content/dam/nike.initiateUpload.json' from origin 'https://401518-contentsymphonydev-shelly.adobeio-static.net' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.

 

So I explicitly added headers in supportedheaders as below:

shellygoel_0-1625649403841.png

Still getting the same issue.

Firefox preflight information below:

 

shellygoel_1-1625649527199.png

Sling Referrer Filter Config:


shellygoel_0-1625817236912.png

 

Now the CORS issue is resolved but it gives 403 Forbidden (other then GET calls). I read few articles and it mentioned to remove POST method from Sling Referrer Filter , I removed it but no difference
 
shellygoel_2-1625817410365.png

Another post mentions to remove POST from CSRF filter config. I don't think it's optimal to remove these methods from these configs. Please suggest a solution and why the access-control-allowed-methods header is not able to take care of this

https://stackoverflow.com/questions/22799024/cq5-403-forbidden-occurs-when-call-a-post-servlet?answe...

 

 

@Jorg_Hoh @kautuk_sahni  Can you please tag Jorg_Hoh for me as I couldn't find him? Please also route it/ get it some attention from relevant folks in Adobe.

Accepted Solutions (0)

Answers (4)

Answers (4)

Avatar

Avatar
Springboard
Level 7
Prince_Shivhare
Level 7

Likes

122 likes

Total Posts

403 posts

Correct reply

65 solutions
Top badges earned
Springboard
Establish
Give Back 100
Boost 100
Validate 1
View profile

Avatar
Springboard
Level 7
Prince_Shivhare
Level 7

Likes

122 likes

Total Posts

403 posts

Correct reply

65 solutions
Top badges earned
Springboard
Establish
Give Back 100
Boost 100
Validate 1
View profile
Prince_Shivhare
Level 7

07-07-2021

If you are trying to access the other endpoints from AEM, then it would requie to whitelisting of AEM cloud url from other endpoint side.

Avatar

Avatar
Boost 500
MVP
Vijayalakshmi_S
MVP

Likes

566 likes

Total Posts

712 posts

Correct reply

236 solutions
Top badges earned
Boost 500
Give Back 50
Give Back 5
Ignite 10
Ignite 5
View profile

Avatar
Boost 500
MVP
Vijayalakshmi_S
MVP

Likes

566 likes

Total Posts

712 posts

Correct reply

236 solutions
Top badges earned
Boost 500
Give Back 50
Give Back 5
Ignite 10
Ignite 5
View profile
Vijayalakshmi_S
MVP

07-07-2021

Hi @shelly-goel,

Could you please confirm if you have allowed the origin(via Allow hosts or Allow Regexp Host) in Apache Sling Referrer Filter too ?

Avatar

Avatar
Springboard
Level 7
KiranVedantam1992
Level 7

Likes

190 likes

Total Posts

207 posts

Correct reply

60 solutions
Top badges earned
Springboard
Give Back 5
Ignite 1
Affirm 50
Validate 1
View profile

Avatar
Springboard
Level 7
KiranVedantam1992
Level 7

Likes

190 likes

Total Posts

207 posts

Correct reply

60 solutions
Top badges earned
Springboard
Give Back 5
Ignite 1
Affirm 50
Validate 1
View profile
KiranVedantam1992
Level 7

07-07-2021

Hi @shelly-goel 

 

Can you please try whitelisting this AEM server in the receiving server to resolve this issue?

 

Thanks,

Kiran Vedantam.

 

Avatar

Avatar
Establish
Community Manager
kautuk_sahni
Community Manager

Likes

1,198 likes

Total Posts

6,375 posts

Correct reply

1,147 solutions
Top badges earned
Establish
Coach
Originator
Contributor 2
Contributor
View profile

Avatar
Establish
Community Manager
kautuk_sahni
Community Manager

Likes

1,198 likes

Total Posts

6,375 posts

Correct reply

1,147 solutions
Top badges earned
Establish
Coach
Originator
Contributor 2
Contributor
View profile
kautuk_sahni
Community Manager

12-07-2021

Jörg_Hoh, please assist here.