https://community.qlik.com/t5/Management-Governance/Access-to-XMLHttpRequest-has-been-blocked-by-CORS-policy-during/m-p/1684074#M15732 <P>Hello, we are trying to configure JWT access to Qlik Sense single app based in iframes on our application pages.&nbsp;</P><P>I created a JWT virtual proxy and it works fine if manually add proper header to request.&nbsp;</P><P>But when trying to access the Qlik sense on our application pages using JWT it returns:</P><PRE>Access to XMLHttpRequest at '<A href="https://dev-clinic.imnasol.com/jwt/hub" target="_blank" rel="noopener noreferrer">https://&lt;ourQlikHubLink&gt;</A>' from origin '<A href="https://dev.imnasol.com/" target="_blank" rel="noopener noreferrer">https://&lt;ourAppLink&gt;</A>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed</PRE><P>&nbsp;I added our app URL to "<SPAN>Access-Control-Allow-Origin" and added it to WhiteList as described here&nbsp; -</SPAN><A href="https://support.qlik.com/articles/000061992" target="_blank" rel="noopener">https://support.qlik.com/articles/000061992&nbsp;</A></P><P>But still we see this error about access&nbsp;</P> Sat, 16 Nov 2024 03:00:20 GMT Vasyl 2024-11-16T03:00:20Z https://community.qlik.com/t5/Management-Governance/Access-to-XMLHttpRequest-has-been-blocked-by-CORS-policy-during/m-p/1684074#M15732 <P>Hello, we are trying to configure JWT access to Qlik Sense single app based in iframes on our application pages.&nbsp;</P><P>I created a JWT virtual proxy and it works fine if manually add proper header to request.&nbsp;</P><P>But when trying to access the Qlik sense on our application pages using JWT it returns:</P><PRE>Access to XMLHttpRequest at '<A href="https://dev-clinic.imnasol.com/jwt/hub" target="_blank" rel="noopener noreferrer">https://&lt;ourQlikHubLink&gt;</A>' from origin '<A href="https://dev.imnasol.com/" target="_blank" rel="noopener noreferrer">https://&lt;ourAppLink&gt;</A>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed</PRE><P>&nbsp;I added our app URL to "<SPAN>Access-Control-Allow-Origin" and added it to WhiteList as described here&nbsp; -</SPAN><A href="https://support.qlik.com/articles/000061992" target="_blank" rel="noopener">https://support.qlik.com/articles/000061992&nbsp;</A></P><P>But still we see this error about access&nbsp;</P> Sat, 16 Nov 2024 03:00:20 GMT https://community.qlik.com/t5/Management-Governance/Access-to-XMLHttpRequest-has-been-blocked-by-CORS-policy-during/m-p/1684074#M15732 Vasyl 2024-11-16T03:00:20Z https://community.qlik.com/t5/Management-Governance/Access-to-XMLHttpRequest-has-been-blocked-by-CORS-policy-during/m-p/1687479#M15796 <P><a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/110245">@Vasyl</a>, is the developed portal application sending the requests to http and relying on Qlik Sense's redirect to https? Or perhaps there's a reverse proxy in between and/or an alias is being used for Qlik Sense instead?</P><P>Some reference to related content:</P><P><SPAN><A href="https://support.qlik.com/articles/000038606" target="_blank">https://support.qlik.com/articles/000038606</A></SPAN></P> Tue, 24 Mar 2020 22:08:33 GMT https://community.qlik.com/t5/Management-Governance/Access-to-XMLHttpRequest-has-been-blocked-by-CORS-policy-during/m-p/1687479#M15796 Andre_Sostizzo 2020-03-24T22:08:33Z