Chome's CORS security feature is affecting a CORS-include on my webpage on slow networks
Reported by
subraman...@gmail.com,
Jan 16
(6 days ago)
|
|||||
Issue descriptionChrome Version : 71.0.3578.98 (Official Build) (64-bit) 'about:version'> URL : https://contactus.kglobalservices.com/templates?nocache=1547655514000 Behavior in Safari 4.x/5.x: Webpage blocked due to CORS Behavior in Firefox 3.x/4.x: web page blocked due to CORS What steps will reproduce the problem? (1)Goto developer tools on chrome browser , click on network tab and filter the url: https://contactus.kglobalservices.com/templates (2)On browser navigation bar open URL:https://www.kelloggs.com/en_US/contact-us.html (3) On developer tools window,on network tab click on request pertaining to "https://contactus.kglobalservices.com/templates?nocache=..." (4) you can see that only Provisional headers are shown under response headers. On console we get this error Access to XMLHttpRequest at 'https://contactus.kglobalservices.com/templates?nocache=1547656448000' from origin 'https://www.kelloggs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
,
Jan 17
(6 days ago)
,
Jan 18
(4 days ago)
,
Jan 18
(4 days ago)
Tried testing issue on reported chrome version #71.0.3578.98 using Windows 10 by following below steps. Steps: ===== 1.Launched chrome. 2.Opened Devtools->Network tab. 3.In the filter enter "https://contactus.kglobalservices.com/templates". 4.Navigated "https://www.kelloggs.com/en_US/contact-us.html". 5.Under the network tab, observed that there are no results related "https://www.kelloggs.com/en_US/contact-us.html" link. 6.Under console there are no errors found. Attached screencast for reference. @reporter: Could you please review attached screencast and let us know if anything is missed from our end. Thanks.!
,
Jan 18
(4 days ago)
Hi, This issue is occurring at our production site. This is affecting the business. Our network team identified that traffic specific to CORS is not as per standards. Hence they have handled it by applying some changes to some network configuration. Hence it is working. But we have done a workaround and not fixed the issue at server level. I wanted to know how I can verify request and response from my chrome browser when CORS issue is happening. We wanted to know what is causing CORS issue at browser with respect to request/response
,
Jan 18
(4 days ago)
Please help us identify the issue with request and response that is causing CORs issue.
,
Jan 18
(4 days ago)
Thank you for providing more feedback. Adding the requester to the cc list. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by dtapu...@chromium.org
, Jan 16 (6 days ago)