I have two accounts, from one account i created the app(Account 1) and in the second, i installed the managed app. In my primary account(Account 1), i am able to run the app but in all other accounts where i installed the app, i am getting this error: Failed to execute ‘postMessage’ on ‘DOMWindow’: The target origin provided (‘https://na34.salesforce.com’) does not match the recipient window’s origin (‘https://esisf.na34.visual.force.com’).
I know both of those url are different but i don't know how to make them same or fix this issue.
Please if anyone has any idea, please let me know how to fix this issue.
Thanks in advance
This sounds like a CORS issue. You're also using the MyDomain feature, so there's a "esisf" subdomain before the na34 server subdomain.
Try whitelisting both urls in your CORS setup
Use CORS
Related
I've been struggling to find a solution for this issue. Basically I have web application that allows users to sign in with their azure active directory using OpenIdConnect. Everything works perfectly fine on my local. However, when deployed to azure aks, somehow the redirect url changes from https to http when user is authenticated. This causes an exception in azure ad:
AADSTS50011: The redirect URI 'http://example.abc.com/signin-oidc' specified in the request does not match the redirect URIs configured for the application 'c853f6fe-5f4a-436e-b329-ff6da9ab89ab'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.
I defined the redirect URI in the application as https://example.abc.com/signin-oidc and no wonder that it does not match. However, I'm struggling to find out why it's happening and how I can resolve it. I'm using .NET 6 and AKS client version 1.22.
Any help would be greatly appreciated. Thank you
AADSTS50011: The redirect URI 'http://example.abc.com/signin-oidc' specified in the request does not match the redirect URIs configured for the application 'c853f6fe-5f4a-436e-b329-ff6da9ab89ab'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.
The above error occurs usually when redirect Url in the authentication are not configured in Azure AD like.
Accessing Website from a different address than what you have defined for your application causes an error.
please check if you have made a mistake in the configuration itself.
From your case :
Please make sure you set ssl redirects url to True
Note:
By default controller redirects HTTP clients to 443 port -https ,if it has TLS is enabled
In ingress routing yaml file if it is set to false, try to set it or modify it to true
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/use-regex: "true"
Also as you said you are using .net make sure you have set headers to true.
Please check that header size in 32k in annotations.
nginx.ingress.kubernetes.io/proxy-buffer-size: "32k"
Reference:
Error AADSTS50011 - The reply URL specified in the request does not match the reply URLs configured for the application . - Active Directory | Microsoft Docs
I finally figured out the solution for myself. Thanks to the answer in other SOF
Since I'm using .NET 6, all I have to do is
Set the ASPNETCORE_FORWARDEDHEADERS_ENABLED = true AND
Add these two lines suggested from #Venkatesan to my ingress yml
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/use-regex: "true"
Everything works perfectly after that.
Thank you everyone.
I am getting the following issue on Angular application, which is currently live on the web.
Users can't log in because of this. And, already logged in users can't use the website properly.
Error: Access to XMLHttpRequest at "Frontend (Domain)" from origin "Backend (Domain)" has been blocked by CORS Policy. No 'Access-Control-Allow-Origin' header is present on the requested resource.
I already seen many posts related to the same issue. Already implemented most of the solutions to the application. Let me explain in detail.
Application Details :
Frontend: Angular 7, SSL Installed.
Backend: Python 3.7, Django Rest framework, 'CorsHeader' Plugin installed, CORS_ORIGIN_ALLOW_ALL is True and 'corsheaders.middleware.CorsMiddleware' is at the top of the middleware list.
Apache on Server: 'rewrite', 'wsgi' and 'headers' enabled.
Most Importantly: After implementing the solutions, the errors are gone for a while. But, after a few days/weeks, the same error occurs again. Rebooting the server will fix the issue. But, the same will come again after a few days/weeks.
What is the proper fix for this issue? Or Am I doing anything wrong on my side?
NB: I am not testing from local/postman. Everything works perfectly on local and Postman.
Adding two screenshots of a request. This request is done two times automatically. The first Request has no response. And, the Second request has a 503 response.
I found the root issue, please see your screenshot, there is Access-Control-Request-Method: GET and it should not be there.
In your angular code remove the below code.
request.headers
.set('Access-Control-Allow-Methods', 'GET')
.set('Access-Control-Allow-Origin', '*');
Hope it resolve your issue.
i have created the simple login page using AngularJS integrate with okta api this POST API I am passing the parameters like:
1) Username
2) password
3) option:multiOptionalFactorEnroll:true
warnBeforePasswordExpired:true
it's throwing the 500 internal server error, can you help me how to fix this issue?
This is a CORS issue please add "Allow-access-control-origin": "*" in headers while doing a post request and also Check this link and allow your website to access the same
Cross Origin issues can be bypassed by disabling chrome web security (provided you are testing in chrome browser):
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-web-security --allow-file-access-from-files
But, please be advised this approach will work only in your local machine and for server you will need to use the approach as mentioned by #Neha Tawar
Following the instructions in https://cloud.google.com/storage/docs/object-change-notification#_Authorize_Endpoint I'm trying to set a watchbucket notification.
I'm running:
gsutil notification watchbucket https://-------.appspot.com gs://-----
(with my real application id and bucket)
The error string reported by gsutil suggest an internal bug:
BadRequestException: 400 No valid domain for WebHook callback: https://https://...
Note the double https:// in the error report
trying to remove the https:// ends with an error:
CommandException: The application URL must be an https:// URL.
I believe I've done all the things needed. I'm working with a service account of the application. the application URL is listed in https://console.developers.google.com/project/ywz-gcs-watch/apiui/notification. The service account has access to the watch bucket (tried it also with a bucket belong to the application project)
Is that a gsutil bug?
I've faced the exactly same problem here. The issue was that my allowed domain was registered like 'https://example.com' while it should be 'example.com'.
Go to your google developer console and open your project page.
In the sidebar on the left, click APIs & auth, then click Push.
Double check if your domain is correct. If not, enter just the domain without the protocol part and wait a few minutes before test again. Hope it helps!
Kindly Regards,
Vinícius Miasato
I am doing an angular app to upload file directly to s3 storage. The app seems work only with one issue:
When it start to upload, it will send a request with options method first, and it will fail with error as below:
In Chrome: OPTIONS https://{my-domain}.s3.amazonaws.com/ net::ERR_INSECURE_RESPONSE
In Firefox: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://{my-domain}.s3.amazonaws.com/. This can be fixed by moving the resource to the same domain or enabling CORS.
However, when I try visit in browser with https://{my-domain}.s3.amazonaws.com, it will say connection untrust, and if I choose add exception, everythings goes very well.
So, I guess it is to do with the SSL certificate which is for s3.amazonaws.com not for {my-domain}.s3.amazonaws.com. It should not because CORS, otherwise later it should still be problem.
How can I fix it? Need another SSL?
Thanks,
Ron
After days efforts, finally found out it is because I got a dot "." in the bucket name, check this for more details: Amazon S3 - HTTPS/SSL - Is it possible?