Crossbar + TLS + longpoll: HTTP access control (CORS) problem

#1

I’m trying to establish a longpoll connection, but get this error:
Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://example.com’ is therefore not allowed access. The response had HTTP status code 501.

So, in order to make Crossbar work with longpoll in browsers it has to add response header “Access-Control-Allow-Origin”. For more info please check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

Please improve support of longpoll. Thank you.

0 Likes

#2

In the logs I see this message:
“…failing WebSocket opening handshake (‘HTTP method ‘OPTIONS’ not allowed’)…”

but https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS saying:

“…the specification mandates that browsers “preflight” the request, soliciting supported methods from the server with an OPTIONS request method, and then, upon “approval” from the server, sending the actual request with the actual HTTP request method…”

0 Likes