We are getting reports from our users of an error message: 498 Invalid Token (Esri)
Returned by ArcGIS for Server. Code 498 indicates an expired or otherwise invalid token.
It is only occurring in Chrome. Same user, same machine, different browser - works fine.
We appear to have narrowed it down to Chrome 85 update, which was released 14 days ago and coincided with when reports started. If a user reports the error, and installs Chrome 80, the problem goes away. They upgrade to Chrome 85, problem starts again.
What is weird is two people can be sitting next to each other in the office, works for one, not the other. Same OS and windows patches, same release of Chrome 85. Person not working logs onto computer that is working, works fine.
Is anyone else seeing issues with the Chrome 85 release and Esri tokens?
Chrome plans to gradually enable
strict-origin-when-cross-origin as the default policy in 85; this may impact use cases relying on the referrer value from another origin
This appears to be the the cause of the problem.
To get around the issue one can:
Is there or will be long term solution to this. Disabling the flag works but this can't be a long term solution for regular customers.
If not what are the recommendations from ESRI of how to implement token authentication from different apps.
If anybody else have the same problem, i solved it by putting this meta tag in head of index.html
Now it works on Chrome.
Hi, thanks for the tip, In which index.html file did you place your tag ? There's a lot in the web appbuilder tree ...
We are experiencing a huge amount of these errors in our 10.8.1. Chrome is becoming a real pita with those security ever increasing implementations. Almost every new release breaks something in Enterprise platform.
Security is no compromise, I agree, but it makes us loose way too many times to fix the issues, imho