Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2025! Where innovative solutions turn your data visions into reality: REGISTER TODAY
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
pablolabbe
Luminary Alumni
Luminary Alumni
‎2018-07-24 10:39 PM

Cross-Origin Request Blocked using mashup API

Hi,

  I'm configuring a mashup to run from an IIS Server, instead of using the internal Qlik Sense server. Both on same machine but using different ports. IIS on 8080 and Qlik on 80.

   When I open the url http://<nydomain.com>:8080/mashupsite  the authentication is fine and the html elements are shown in the page as well but the qlik objects doens´t display.

  After reviewing the developer console I found the errror below:


  Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://<mydomain.com>/resources/autogenerated/product-info.json?1532484125189. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).


  I already added the tag Access-Control-Allow-Origin in the additional response headers parameter in the virtual proxy (default) but the error is still there.


  The server is version June/2018 and using only the default virtual proxy using ticket and windows authentication.

  Does anyone have a clue about how to solve this issue ?

19,516 Views
20 Replies
09999
Contributor II
Contributor II
‎2018-09-20 10:03 AM

In response to royal_87

so after downgrading qlik sense desktop version were you able to get rid of this error? if so to what version you downgraded?

6,945 Views
0 Likes
royal_87
Partner - Contributor III
Partner - Contributor III
‎2018-09-21 02:19 AM

In response to 09999

I don't get the error in april version and before.

6,953 Views
rodolfoviolac
Contributor III
Contributor III
‎2018-09-21 09:44 PM

Hi pablolabbe‌ I fixed this issue setting the appropriate response header on server side, if you are using NodeJS you can use this lib https://github.com/expressjs/cors‌ if not you can just set the "Access-Control-Allow-Origin" : "*" to the response header!

Exemple of response allowing CORS using Express:

  res.header("Access-Control-Allow-Origin", "*");

  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

6,953 Views
0 Likes
paoloderegibus
Partner - Contributor III
Partner - Contributor III
‎2018-10-29 06:18 AM

In response to 09999

Hello guys,

I was able to solve the cors issue for the desktop version using browsers add-ons.

For firefox I am using CORS everywhere: CORS Everywhere – Scarica l’estensione per    Firefox (it)

For Chrome MoesIf CORS changer: Moesif Origin & CORS Changer - Chrome Web Store with the following settings since I my local dev-server answers on port 3000.

These add-ons will work only for the desktop version: you won't be able to connect to an actual QS server and use capability APIs.

If you are using an express local server to develop your app I suggest to take a look at this packege: http-proxy-middleware - npm. I am using it with the dev-server provided by create-react-app and I am able to connect to dektop APIs as well as Enterprise Server APIs, although it requires a bit of configuration.

6,953 Views
sebastian_serva
Partner - Contributor III
Partner - Contributor III
‎2018-11-24 03:59 PM

In response to Anders-Nilsson

Hi @Anders-Nilsson,

You're suggestion saved the day. I had the same issue, and by white listing the protocol + FQDN + port it solved the cross-domain issue + weird 'zone.js' error.

Can you explain a bit more in detail why this step is required? Before June 18 when you loaded js/qlik, it was also requiring multiple JS files and this white list entry was not needed. Is it because it's requiring JSON files?

Thanks again,

Seb.

6,923 Views
0 Likes
KStreak
Contributor II
Contributor II
‎2019-01-03 05:49 PM

In response to sebastian_serva

Hello All,

I am also facing this issue in Apr 2018 release Patch1. We are trying to integrate the mash-up inside sales force and getting this error, Tried by setting allo-access control but, it does not reflect when i verify in Chrome.

any help will be appreciated or Do we need to log a case with Qlik.

6,765 Views
0 Likes
arodriguez5
Partner - Contributor II
Partner - Contributor II
‎2019-01-24 04:42 AM

In response to KStreak

Hello All,

I get the same issue on qlik server june2018, any solution?

Virtual proxy

Access-Control-Allow-Origin: https://<mydomain>:4343
Access-Control-Allow-Credentials:true
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token

 

Qlik and web serrver (IIS) in same server.  please help

 

 

  Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://<mydomain.com>/resources/autogenerated/product-info.json?1532484125189. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

 

6,694 Views
0 Likes
arodriguez5
Partner - Contributor II
Partner - Contributor II
‎2019-02-06 03:14 AM

In response to arodriguez5

Nobody help me? any idea guys?

6,597 Views
0 Likes
KStreak
Contributor II
Contributor II
‎2019-02-06 03:45 PM

In response to arodriguez5
I worked with QlikTech Support team to resolve this issue. Please watch how to solve CORS Issue https://www.youtube.com/watch?v=slM8ZOfjOBA
6,582 Views
0 Likes
arodriguez5
Partner - Contributor II
Partner - Contributor II
‎2019-02-22 04:43 AM

In response to KStreak

It stays the same problem, follow the video instructions and same problem...can you send your config (virtual proxys, server webapp config (headers) )...thx

6,473 Views
0 Likes