CORS error with ExB Developer Edition and Enterprise

MarcBate · ‎05-16-2022

When accessing ExB Developer edition via https://localhost:3001, and entering our ArcGIS Enterprise 10.9.1 address on the page https://localhost:3001/page/set-portalurl , it says "Your application domain is not allowed via Cross-Origin Resource Sharing (CORS) to access" then url of our portal web adaptor.

I tried to allow localhost in the Organization > Settings > Security page in the Portal, but it won't let me add it or https://localhost:3001

How do we use ExB Dev with our Enterprise server? I can only get it to work with AGOL.

AzinSharaf · ‎05-17-2022

I am using my machine's fqdn (https://my_machine_fqdn:3001 and added this url to Portal security page. You may need use a CORS browser extension (link) as well to disable it.

View solution in original post

MarcBate · ‎05-18-2022

This does not work and is most likely not recommended. There is another post marked as the solution, i.e. use the FQDN instead of localhost when accessing the ExB Dev edition and add that to the list of Allowed Origins in Portal Organization Security settings page

View solution in original post

GuillaumeArnaud · ‎05-16-2022

Hi ! If you have frontal of webadaptator of portal on IIS, verify if param accept CORS. Look your web.config file. An example can be find here : https://docs.microsoft.com/en-us/iis/extensions/cors-module/cors-module-configuration-reference . The same thing is available for Apache.

Guillaume

MarcBate · ‎05-18-2022

This does not work and is most likely not recommended. There is another post marked as the solution, i.e. use the FQDN instead of localhost when accessing the ExB Dev edition and add that to the list of Allowed Origins in Portal Organization Security settings page

AzinSharaf · ‎05-18-2022

Editing web.config to allowing CORS is a Microsoft solution (the link Guillaume mentioned) and I can't say is not recommended unless you use "localhost" in web.config.

I think using "allow origin" does the same thing in Portal. But regardless, you cannot use localhost on either of the solutions for security reason,

AzinSharaf · ‎05-17-2022

I am using my machine's fqdn (https://my_machine_fqdn:3001 and added this url to Portal security page. You may need use a CORS browser extension (link) as well to disable it.

DougSims_GT · ‎01-30-2023

"I can only get it to work with AGOL."

I'm still getting this error even using AGOL.

Even after adding my machine's FQDN to the allow list, I still get the CORS error when trying to register the app on my desktop.

Am I missing something obvious here?

ADM48 · ‎02-01-2023

Yup same here. My application is in AGOL and I've added the domain to the allow list.

DougSims_GT · ‎02-02-2023

The first problem I had was that I entered my server and my desktop into the list of "Trusted Servers" instead of the "Allowed origins" section.

I had originally added our top level domains to the allowed origins list, thinking that would cover all of our servers, but I discovered that domain wildcards are not allowed in that list. (Which seems like an odd limitation.)

Adding my server name and my desktop FQDN to the allowed origins list fixed the issue for me.