Edit: I just realized this is a duplicate of Recommended solution for AJAX, CORS, Chrome & HTTP error codes (401,403,404,500), and he tried the idea I propose at the end. But I can't tell if he succeeded (dud user?), and no one else has posted a solution or even a comment, so I think it's worth fishing for new answers.
Problem:
422 Unprocessable Entity
, along with JSON information about the errors. The idea is that my app could receive this error information and handle it appropriately in the UI.Showing that the browser received the 401
status code but treated it as a CORS security error:
The response object, showing that my code cannot access the response data (data: ""
, status: 0
):
How have other people handled this limitation? My best guess right now is to hijack an HTTP "success" code (2XX
) as an error code, and then include the error information in the response. This prevents me from using the ajax error handlers in a normal way, but I'm handling this as a global ajax filter anyway, so this filter would capture the deviant success code and trigger the error handlers instead.
Cross-Origin Resource Sharing (CORS) errors occur when a server doesn't return the HTTP headers required by the CORS standard. To resolve a CORS error from an API Gateway REST API or HTTP API, you must reconfigure the API to meet the CORS standard.
i. Turn OFF the CORS plugin, reload the app, at this time you should still get the errors which are correct. ii. Turn it back ON, reload the app, if the APIs are successful, stop here, no need to proceed to iii.
If CORS processing fails, the web reverse proxy returns an error response with the CORS error code. Create or modify the corresponding template for error code 38983672 to customize the response returned. By default, IBM Security Verify Access installs a HTML type error template which returns a 400 status code.
The only way of resolving a CORS failure is to make sure your server sends the correct response headers.
The console message indicates that the server isn't sending the required Access-Control-Allow-Origin
header when it sends the 401 response code.
You won't be able to use the CORS error handler to inject content into the DOM unless you fix that.
The server is likely sending the header correctly on responses with a 200 response code. It needs to do it for other response codes, though, if you wish to use data from those response codes.
Fix that on the server end before making design compromises on the client side. That may solve your problem straight away.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With