Cors and API 4.9 issue

10-09-2018 05:30 AM
Occasional Contributor


I changed my app's default API from 4.8 to 4.9 and am getting a CORS error when loading our layers in development mode (localhost).

Our webserver is CORS enabled, and it used to work fine in 4.8. I am aware of the changes made in 4.9 regarding cors:

I am getting a 401 unauthorized error, and when adding the domain to esriConfig.request.trustedServers (we are using web authentication), I am getting the following error :

The 'Access-Control-Allow-Origin' header contains multiple values 'http://localhost:8080, *', but only one is allowed. Origin 'http://localhost:8080' is therefore not allowed access.

Now I disabled web security in a Chrome window, and that works fine there. It's a good enough work around, but I was wondering if there was a way to make it work in "normal" mode.


0 Kudos
1 Reply
MVP Esteemed Contributor


   The best way to avoid this is to never use localhost (even in development). I never use localhost I always use the machine name of my development machine.