Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-25645

Can't hotreload with browser extension after applying HF15

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Duplicate
    • Affects Version/s: 9.10-HF15
    • Fix Version/s: None
    • Component/s: Security, Web Common

      Description

      2018-08-23 14:22:16,237 WARN  [NuxeoCorsCsrfFilter] CSRF check failure: source: privacy-sensitive:/// does not match target: http://localhost:8080/ and not allowed by CORS config

      Seems related to https://jira.nuxeo.com/browse/NXP-25602

      Deploying the following cors contrib fixes the issue

      <extension target="org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService" point="corsConfig">
    <corsConfig name="all" supportedMethods ="GET,POST,HEAD,OPTIONS,DELETE,PUT" exposedHeaders="Content-Disposition">
      <pattern>/nuxeo/.*</pattern>
    </corsConfig>
</extension>

        Attachments

          Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. BDE-156 Can't hotreload in chrome with 9.10-HF15

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

            Activity

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: