Chromium Embedded Framework Forum

[salvadordf]

Hi,

Another CEF user found that https://messages.google.com/web is not loading the QR code with the latest CEF libraries.

I tried to load that page with the latest cefclient (m85) and it has the same issue.
http://opensource.spotify.com/cefbuilds ... nt.tar.bz2

The previous cefclient (m84) and Chrome 85 load the QR code correctly.
http://opensource.spotify.com/cefbuilds ... nt.tar.bz2

The DevTools show a "net::ERR_FAILED" error in the console in a POST request to https://instantmessaging-pa.googleapis. ... PhoneRelay

The "--disable-site-isolation-trials" switch has no effect. All the tests were done on Windows 10 64 bits and I added a "debug.log" file I got using a CEF4Delphi demo with the latest CEF libraries to this post.

Edit : I also tried to login to my bitbucket account using the latest cefclient and I get a "net::ERR_FAILED" error in a POST request to https://auth.atlassian.com/co/authenticate and I'm unable to login.

Any help debugging this issue would be appreciated.

[magreenblatt]

Can you try running with `--disable-features=OutOfBlinkCors` ? Please also file a bug.

[salvadordf]

Thank you again Marshal!

That switch fixes this issue.

[hunterlaux]

I was seeing an interesting issue in my app on chrome 85. It's totally unrelated salvadordf's app.
--disable-features=OutOfBlinkCors seems to resolve it.
I currently don't have access to the server logs, but from the remote debugger it looks like the Origin is included in the preflight, but missing from the request, so the Access-Control-Allow-Origin is added to the preflight response, but missing from the request response and I get a Network Error.

I'll keep looking into this.

[hunterlaux]

Am I warm?

https://bitbucket.org/chromiumembedded/ ... #lines-399

vs

https://github.com/chromium/chromium/bl ... er.cc#L472

[magreenblatt]

Just FYI I’m planning to debug this class of issues next week.

[darrinm]

I am having problems getting CefAddCrossOriginWhitelistEntry working unless I --disable-features=OutOfBlinkCors. CEF_VERSION 85.3.1+g1306235+chromium-85.0.4183.83, macOS.

Code: Select all

CefAddCrossOriginWhitelistEntry(L"https://installer.uapps.app", L"http", CefString(), true);


Seeing errors like

Code: Select all

"Access to fetch at 'http://localhost:8000/hello-world.uapp' from origin 'https://installer.uapps.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.", source: https://installer.uapps.app/index.html?url=http%3A%2F%2Flocalhost%3A8000%2Fhello-world.uapp

[magreenblatt]

It’s better to add the “Access-Control-Allow-Origin” header to your server response instead of using CefAddCrossOriginWhitelistEntry.

[darrinm]

Thanks for the response! If you mean change my localhost server to return the headers, it is just for testing. I want to make requests to any site without CORS restrictions (as any native app can).

If you mean there is some way with CEF that I can alter all responses to add the CORS headers I would love to know more about that. I see that I can intercept all requests and do my own requests under the covers, and add headers to the responses, but I'm wary that this might change browser behavior (streaming?).

Is there a way to intercept responses to the browser's requests to add headers before it handles the response?