I am working on a road closure app that will be constructed using the Web AppBuilder (Developer Edition). Because it will be embedded into another website we are going to host it locally and utilize the Esri proxy (from GitHub) to bypass the need for credentials.
I am having issues when trying to access hosted layers from ArcGIS Online. I needed to add the "Access-Control-Allow-Origin" to the page header to access our organization's ArcGIS Online Account for the app to work.
When I add this, the browser then comes back with the following error:
"The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed. Origin 'www.mysite.com' is therefore not allowed access."
I have checked both the app's page and the proxy's page on IIS and I cannot locate a second value.
Where do I need to go to find this second value?
P.S. I am new to CORS, so I am learning as I go.