Impact 2024: The Industrial Data and AI Conference for and by Users | Nominate Speakers Now for a Ch...
So how does CDF indicate to a CORS-enabled client that it will accept authenticated incoming requests?The browser’s CORS policy will not send user credentials as parr of the request unless the server responds to the CORS preflight OPTIONS request with Access-Control-Allow-Credentials: true
Does anyone have an idea here? CDF has already been configured to return an internal AkerBP hostname in the header field Access-Control-Allow-Origin The only header field missing is Access-Control-Allow-Credentials, so my reasoning is that if one header field has been configured correctly, then it must be possible to configure the one remaining fieldThis is turning into a showstopper...
I’m making an XHR request to https://api.cognitedata.com/api/v1/projects/akerbp/timeseries/search from within the SAP client-side framework called SAPUI5.BTW, this JavaScript framework is not based on ReactWhen I call this API from Postman and supply a bearer token, everything works fine because Postman does not implement a CORS policy. But when the call is performed from within the browser, all but one of the required CORS response headers are supplied. The missing header is Access-Control-Allow-Credentials
Hmmm…There must be some configuration done somewhere because the other HTTP header Access-Control-Allow-Origin has been correctly configured to a company-specific server name.This is not a value CDF would come shipped with
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.