Chromium Embedded Framework Forum

[Dhvaj17]

Hi,

We recently upgraded from V86 to v91 and we are getting this issue
net::ERR_FAILED
and browser does not load the app further. On checking further, it seems browser is blocking the cors preflight request and actual post request is never sent and it fails with the error net::ERR_FAILED.

We had faced the same issue starting V86 but same got resolved by adding the below flag.
disable-features-OutOfBlinkCors in command line arguement.
https://bitbucket.org/chromiumembedded/ ... -fail-with


Now on upgrading to V91 ,we are back to square 1.

Can someone help or suggest how to fix this or any relevant flag is available to suppress this ?

[magreenblatt]

What are the origin and target URLs? Are you loading them over the network? Is the server returning correct CORS headers? Are there any related errors in the DevTools console or network tabs?

[Dhvaj17]

What are the origin and target URLs? Are you loading them over the network? Is the server returning correct CORS headers? Are there any related errors in the DevTools console or network tabs?

hi,

Origin Url -> www.Domain-A.com makes a call to Target Url ->www.Domain-B.com , which internally makes a call for Authorization, this being a cors call, browser sends a preflight request and it fails.

Please note server is sending the appropriate cors header like - Access-Control-Allow-Origin : *. (This flow is verified in standalone chrome browser).

This works wells in standalone chrome & edge chromium browser.

[magreenblatt]

Can you share a URL that reproduces the problem, for debugging purposes?

[Dhvaj17]

Can you share a URL that reproduces the problem, for debugging purposes?

Hi,

We are getting this weird issue on CEF latest client (v93) in our office environment but not getting it with the same client on local machine. Same also works in stand alone chrome browser and edge chromium browser in both office environement and local machine.

when executing the below code which has the authorization header in its request on Cef Client(office environment), a preflight request is raised and no further request is made ,as preflight request itself gets into the error.

On console bar, i can only see err::ERR_Failed error.

Not sure why it is not working in my company's office environment.

Please note that this works fine when i run locally.

Sample code :
---------------------------------------------------------------------------------------------------------------------------------------------
function reqListener(){
console.log(this.responseText)
}


var oreq = new XMLHttpRequest();
oreq.addEventListener("load",reqListener);
oreq.open("GET","https://mytestapi.free.beeceptor.com/my/api//path")

oreq.setRequestHeader("authorization-token","dummy-token");

oreq.send();


--------------------------------------------------------------------------------------------------------

Could you please suggest what could be that thing that is causing this preflight request to fail?

[Dhvaj17]

Hi All,

i have changed the Post Main header to be more accurate.

We were able to figure out the Issue ,but still don't have the fix for it.

On Proxy internet connection, if i make a Get call from domain1 to domain 2 and in the request if we have authorization header in the request,
a preflight request is triggered by CEF browser and it fails with the error ERR::NET_FAILED.

Please note this works well for chrome & edge browser on same proxy internet connection.

Till v86, this use case used to work by disabling feature OutOfBlinkCors but now this has been removed and now our most of the apps are not working because of this use case.

On analyzing the network calls, we came to know that in Chrome & edge browser if such call is made then in that case as well a prefight request is made and on this call, server ask browser to send AllowCredential header in the subsequent request which browser is able to negotiate the same and the request succeeds but in our case in CEF Browser ,it seems no such handling is available and hence no further calls are made and it fails with err:net_failed.

Please note this issue is reproducible on latest CEF version 94 as well (Requires Proxy internet connection, it works well on home network).

Sample Code to reproduce the issue :

function reqListener(){
console.log(this.responseText)
}

var oreq = new XMLHttpRequest();
oreq.addEventListener("load",reqListener);
oreq.open("GET","https://mytestapi.free.beeceptor.com/my/api//path")

oreq.setRequestHeader("authorization-token","dummy-token");

oreq.send();

[magreenblatt]

Sounds like https://magpcss.org/ceforum/viewtopic.php?f=6&t=18321

[Dhvaj17]

Sounds like https://magpcss.org/ceforum/viewtopic.php?f=6&t=18321

Thanks magreenblatt for the quick refference.

I could see the workaraound has been provided for the same on that link by adding the flag
--disable-request-handling-for-testing.

It has beed added starting V - 91.04472.114 - Branch - 4472

It does the tricks and works for me.

Only problem i am facing is , dev tool bar window opens as blank with this setting.

do you know what could be the reason ?

[magreenblatt]

You can probably use DevTools via remote debugging instead (specify the --remote-debugging-port=XXXX command-line flag and browse to http://localhost:XXXX in a matching version of Chrome).

[Dhvaj17]

You can probably use DevTools via remote debugging instead (specify the --remote-debugging-port=XXXX command-line flag and browse to http://localhost:XXXX in a matching version of Chrome).

thanks for the quick help.