I'm using the asset picker documented here: https://helpx.adobe.com/experience-manager/6-2/assets/using/asset-picker.html
I keep getting the following error and wondering what I'm doing wrong?
Access to XMLHttpRequest at 'https:/blah/content/dam/example.jpg' from origin 'https://local.test.blah.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Check if https://local.test.blah.com is added in allowed origins of Adobe Granite Cross-Origin Resource Sharing Policy ( com.adobe.granite.cors.impl.CORSPolicyImpl ) configuration.
Also check the following:
It seems the entire difference between a working request and a broken one is the cookie being passed up.
The working one includes ApplicationGatewayAffinityCORS, ApplicationGatewayAffinity, login-token and cq-authoring-mode.
The broken one only has ApplicationGatewayAffinityCORS.
So I guess my question is: How do I get the login-token (and other fields) from AEM? Can I force xhr to somehow use the default browser values for this?