[
https://issues.apache.org/jira/browse/GUACAMOLE-1839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Jumper closed GUACAMOLE-1839.
----------------------------------
Resolution: Invalid
> JSON auth should set 'Access-Control-Allow-Origin = *'
> ------------------------------------------------------
>
> Key: GUACAMOLE-1839
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1839
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-json
> Affects Versions: 1.5.2
> Reporter: Kevin Rise
> Priority: Major
>
> Setup:
> * Guacamole/guacd: 1.5.2, Docker versions
> * Browser: Chrome & Firefox (latest)
> I'm trying to use the JSON auth and running into a problem where after doing
> the POST to '<guacamole>/api/tokens' the response (that contains the required
> login token) is getting blocked due to CORS. Everything works fine
> otherwise, I can even see the log entry in Guacamole that the login was
> successful. But the browser is blocking the response due to CORS.
> I've got a javascript app (Vue if it matters) running in the browser making
> the POST call.
> What I think should happen (and admitting I'm not an expert in CORS) is that
> the response to the POST call should set the 'Access-Control-Allow-Origin =
> *' header in the response to allow the browser to let my app see the response.
> I've tried a few simple tests, like using Chrome plugins to either 1) disable
> CORS checks or 2) set the 'Access-Control-Allow-Origin = *' header in the
> POST response, and both "fix" the problem.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
