Access to XMLHttpRequest has been blocked by CORS policy

Problem

When you try to login to your site, you get no error message from the login screen but you still can't access your applications

If you press F12 in your browser, you can see the following error messages in the console:

Access to XMLHttpRequest at ... from origin ... has been blocked by CORS policy. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested source.

mceclip0.png

Description

The request is being blocked by CORS policy. For example, when you type the following URL:

yourserver.com:8009/gpsgateserver

You get the error described above.

The server firewall settings are configured to forward data from internal port 80 to external requests coming from port 8009.

mceclip2.png

By default, the IIS settings are bind to forward data to port 80. 

Solution

The internal and external port of your GpsGate server URL should be the same. In our example the solution comes from:

1. Change the firewall settings to forward data from 8009 to an internal 8009 port.

mceclip3.png

2. Change the IIS settings to be bound to the port 8009 or a port that matches the external port.

2.1 Open your IIS manager and select the Default Site > Bindings

mceclip4.png

2.2 Change the default port from 80 to your custom port, in our example, 8009. 

mceclip5.png

2.3. Perform 'iisreset' from the command line to apply the changes.