I changed my app's default API from 4.8 to 4.9 and am getting a CORS error when loading our layers in development mode (localhost).
Our webserver is CORS enabled, and it used to work fine in 4.8. I am aware of the changes made in 4.9 regarding cors:
I am getting a 401 unauthorized error, and when adding the domain to esriConfig.request.trustedServers (we are using web authentication), I am getting the following error :
Now I disabled web security in a Chrome window, and that works fine there. It's a good enough work around, but I was wondering if there was a way to make it work in "normal" mode.
The best way to avoid this is to never use localhost (even in development). I never use localhost I always use the machine name of my development machine.