Closed
Bug 1285559
Opened 9 years ago
Closed 9 years ago
CORS issue to access the SharePoint service within the SharePoint app.
Categories
(Core :: DOM: Security, defect)
Tracking
()
VERIFIED
INCOMPLETE
People
(Reporter: prajapati_subodh, Unassigned, NeedInfo)
Details
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Steps to reproduce:
We are creating a SharePoint hosted app with Client AppPart. I am calling "User Profile Service" from SharePoint services to get the user information. But Unfortunately I am getting security issue on Mozilla and Chrome. While the same code is working on Microsoft Internet Explorer Browser.
The error message is showing on Mozilla as below:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://one.aon.net/_vti_bin/userprofileservice.asmx. (Reason: CORS header 'Access-Control-Allow-Origin' missing). <unknown>
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://one.aon.net/_vti_bin/userprofileservice.asmx. (Reason: CORS request failed).
Actual results:
Getting security related error and not getting any results from SharePoint User Profile service. The error is as below:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://one.aon.net/_vti_bin/userprofileservice.asmx. (Reason: CORS header 'Access-Control-Allow-Origin' missing). <unknown>
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://one.aon.net/_vti_bin/userprofileservice.asmx. (Reason: CORS request failed).
Expected results:
User information should get back from SharePoint service and security exception should not occurred.
Reporter | ||
Updated•9 years ago
|
Severity: normal → critical
OS: Unspecified → Windows 7
Priority: -- → P1
Severity: critical → normal
Component: Untriaged → DOM: Security
Priority: P1 → --
Product: Firefox → Core
Summary: Issue to access the SharePoint service within the SharePoint app. → CORS issue to access the SharePoint service within the SharePoint app.
Comment 1•9 years ago
|
||
If both Firefox and Chrome are behaving the same way then it's likely that your app is not using CORS headers correctly. But without a working site to test against it's hard to say.
Flags: needinfo?(prajapati_subodh)
Updated•9 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → INCOMPLETE
Comment 2•9 years ago
|
||
We can reopen this if the reporter gets back to us.
Reporter | ||
Comment 3•9 years ago
|
||
I am from AON Hewitt. We are facing this issue on our company intranet environment. So it is very difficult to provide the live environment for this issue. If you want the pice of code that I can send to you.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•