AnsweredAssumed Answered

How to prevent browser from caching CORS domain?

Question asked by tjeffery77 on Aug 20, 2019
Latest reply on Aug 20, 2019 by belan-esristaff

The internet is full of questions about CORS, and this is definitely another one of them.  Here's (what I think is fairly standard) situation, and the problem I'm facing.

 

CORS is set up and working properly in my web application, and on the external ArcGIS servers which provide the basemaps and data it uses.  However, there's an issue which plagues developers and testers:

If I'm developing/testing on devserver.com and my browser makes a CORS request out to basemaps.com, everything works fine.  If I then go to prodserver.com in another browser tab and bring up the application, a CORS request is sent out and denied with the "Access to XMLHttpRequest at 'basemaps.com/arcgis...' from origin 'https://devserver.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://prodserver.com' that is not equal to the supplied origin.

 

Clearly some caching is happening in the browser, where it's sending the wrong (previous devserver.com) domain out in the request so the external ArcGIS server is (correctly) rejecting it, but no amount of googling / stack-overflowing / etc. has led me to anything approaching a solution to this problem. I don't know how to stop the caching, or inject something into the request to prevent it, or anything.  I feel like this has to be a common problem among folks developing webapps using the ArcGIS Javascript API. I have my local development server, a test server, and a production server, and this issue has been nagging at me for years.

 

If anyone has any insight into a possible solution for this problem, it would be greatly appreciated!  This is my white whale.

Outcomes