Closed Bug 1285559 Opened 9 years ago Closed 9 years ago

CORS issue to access the SharePoint service within the SharePoint app.

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Version:
38 Branch
Platform:
Unspecified
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED INCOMPLETE

People

(Reporter: prajapati_subodh, Unassigned, NeedInfo)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 Steps to reproduce: We are creating a SharePoint hosted app with Client AppPart. I am calling "User Profile Service" from SharePoint services to get the user information. But Unfortunately I am getting security issue on Mozilla and Chrome. While the same code is working on Microsoft Internet Explorer Browser. The error message is showing on Mozilla as below: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://one.aon.net/_vti_bin/userprofileservice.asmx. (Reason: CORS header 'Access-Control-Allow-Origin' missing). <unknown> Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://one.aon.net/_vti_bin/userprofileservice.asmx. (Reason: CORS request failed). Actual results: Getting security related error and not getting any results from SharePoint User Profile service. The error is as below: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://one.aon.net/_vti_bin/userprofileservice.asmx. (Reason: CORS header 'Access-Control-Allow-Origin' missing). <unknown> Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://one.aon.net/_vti_bin/userprofileservice.asmx. (Reason: CORS request failed). Expected results: User information should get back from SharePoint service and security exception should not occurred.
Severity: normal → critical
OS: Unspecified → Windows 7
Priority: -- → P1
Severity: critical → normal
Component: Untriaged → DOM: Security
Priority: P1 → --
Product: Firefox → Core
Summary: Issue to access the SharePoint service within the SharePoint app. → CORS issue to access the SharePoint service within the SharePoint app.
If both Firefox and Chrome are behaving the same way then it's likely that your app is not using CORS headers correctly. But without a working site to test against it's hard to say.
Flags: needinfo?(prajapati_subodh)
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → INCOMPLETE
We can reopen this if the reporter gets back to us.
I am from AON Hewitt. We are facing this issue on our company intranet environment. So it is very difficult to provide the live environment for this issue. If you want the pice of code that I can send to you.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.