topic CORS error when embedding a graph in localhost page (JWT V-proxy) in Integration, Extension & APIs https://community.qlik.com/t5/Integration-Extension-APIs/CORS-error-when-embedding-a-graph-in-localhost-page-JWT-V-proxy/m-p/2495173#M21593 <P>Hi, <BR />I am trying to embed some graphs from Qlik Sense authenticating through a virtual proxy with JWT which was working perfectly until now. This is my HTML code that embeds the graph:</P> <P>&nbsp;</P> <P>&nbsp;</P> <LI-CODE lang="markup">&lt;html&gt; &lt;script&gt; var xhr = new XMLHttpRequest(); var token = '&lt;jwt token&gt;' xhr.open('GET', 'https://bi.dglserv.com.br/jwt/single/?appid=39119e36-67e8-42bc-b94e-d2d2f7471a39&amp;obj=HKjPDJ&amp;theme=horizon&amp;opt=ctxmenu,currsel'); xhr.onreadystatechange = handler; xhr.responseType = 'blob'; xhr.setRequestHeader('Authorization', 'Bearer ' + token); xhr.setRequestHeader('Access-Control-Allow-Origin', '*'); xhr.send(); function handler() { if (this.readyState === this.DONE) { if (this.status === 200) { // this.response is a Blob, because we set responseType above var data_url = URL.createObjectURL(this.response); document.getElementById('test').src=data_url; } else { console.error('no pdf :('); } } } &lt;/script&gt; &lt;body&gt; &lt;iframe id="test" src="" style="border:none;width:100%;height:100%;"&gt;&lt;/iframe&gt; &lt;/body&gt; &lt;/html&gt;</LI-CODE> <P>And these are the setting from my virtual proxy:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="luis_dgl_0-1732819333519.png" style="width: 400px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/174975i8924AD54CCAEDB57/image-size/medium?v=v2&amp;px=400" role="button" title="luis_dgl_0-1732819333519.png" alt="luis_dgl_0-1732819333519.png" /></span></P> <P><BR />However I am getting a 403 (<SPAN class="lia-message-unread lia-message-unread-windows">untrusted http origin header scheme is not allowed</SPAN>) error when loading the page:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="luis_dgl_1-1732819361266.png" style="width: 400px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/174976i7BEB9B19294AC27B/image-size/medium?v=v2&amp;px=400" role="button" title="luis_dgl_1-1732819361266.png" alt="luis_dgl_1-1732819361266.png" /></span></P> <H2 class="message-subject"><BR /><BR />Did anybody else have this problem? How did you fix it?</H2> Thu, 28 Nov 2024 18:45:07 GMT luis_dgl 2024-11-28T18:45:07Z CORS error when embedding a graph in localhost page (JWT V-proxy) https://community.qlik.com/t5/Integration-Extension-APIs/CORS-error-when-embedding-a-graph-in-localhost-page-JWT-V-proxy/m-p/2495173#M21593 <P>Hi, <BR />I am trying to embed some graphs from Qlik Sense authenticating through a virtual proxy with JWT which was working perfectly until now. This is my HTML code that embeds the graph:</P> <P>&nbsp;</P> <P>&nbsp;</P> <LI-CODE lang="markup">&lt;html&gt; &lt;script&gt; var xhr = new XMLHttpRequest(); var token = '&lt;jwt token&gt;' xhr.open('GET', 'https://bi.dglserv.com.br/jwt/single/?appid=39119e36-67e8-42bc-b94e-d2d2f7471a39&amp;obj=HKjPDJ&amp;theme=horizon&amp;opt=ctxmenu,currsel'); xhr.onreadystatechange = handler; xhr.responseType = 'blob'; xhr.setRequestHeader('Authorization', 'Bearer ' + token); xhr.setRequestHeader('Access-Control-Allow-Origin', '*'); xhr.send(); function handler() { if (this.readyState === this.DONE) { if (this.status === 200) { // this.response is a Blob, because we set responseType above var data_url = URL.createObjectURL(this.response); document.getElementById('test').src=data_url; } else { console.error('no pdf :('); } } } &lt;/script&gt; &lt;body&gt; &lt;iframe id="test" src="" style="border:none;width:100%;height:100%;"&gt;&lt;/iframe&gt; &lt;/body&gt; &lt;/html&gt;</LI-CODE> <P>And these are the setting from my virtual proxy:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="luis_dgl_0-1732819333519.png" style="width: 400px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/174975i8924AD54CCAEDB57/image-size/medium?v=v2&amp;px=400" role="button" title="luis_dgl_0-1732819333519.png" alt="luis_dgl_0-1732819333519.png" /></span></P> <P><BR />However I am getting a 403 (<SPAN class="lia-message-unread lia-message-unread-windows">untrusted http origin header scheme is not allowed</SPAN>) error when loading the page:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="luis_dgl_1-1732819361266.png" style="width: 400px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/174976i7BEB9B19294AC27B/image-size/medium?v=v2&amp;px=400" role="button" title="luis_dgl_1-1732819361266.png" alt="luis_dgl_1-1732819361266.png" /></span></P> <H2 class="message-subject"><BR /><BR />Did anybody else have this problem? How did you fix it?</H2> Thu, 28 Nov 2024 18:45:07 GMT https://community.qlik.com/t5/Integration-Extension-APIs/CORS-error-when-embedding-a-graph-in-localhost-page-JWT-V-proxy/m-p/2495173#M21593 luis_dgl 2024-11-28T18:45:07Z Re: CORS error when embedding a graph in localhost page (JWT V-proxy) https://community.qlik.com/t5/Integration-Extension-APIs/CORS-error-when-embedding-a-graph-in-localhost-page-JWT-V-proxy/m-p/2495246#M21594 <P>Are you running your local env on http? Please try to switch over https.</P> Fri, 29 Nov 2024 09:12:14 GMT https://community.qlik.com/t5/Integration-Extension-APIs/CORS-error-when-embedding-a-graph-in-localhost-page-JWT-V-proxy/m-p/2495246#M21594 alex_colombo 2024-11-29T09:12:14Z