3 Replies Latest reply on May 18, 2018 7:12 AM by gregor

    CORS Issue some of the time

    rodp

      Hi,

       

      I've got an Angular5 app and use the Pi Web API client library service to make requests to the PI Web API.

      But I'm having an issue with the requests failing with the error "Response for preflight is invalid (redirect)", about half the time.

      Sometimes the requests work fine, and other times they don't. With no code or config changes.

      And it affects both GET and POST requests.

       

      I think I'm pretty well across CORS and have tried numerous configurations without any luck.

      I have even set the CorsMethods/Headers/Origins to * to try and get it working properly.

      The problem is, the preflight actually returns an OK 200 response, but the actual request isn't triggered because of the error.

       

      I've tried using Basic and Kerberos authentication methods.

       

      And this only affects Chrome, while IE works fine.

       

      Any help would be greatly appreciated, thanks

        • Re: CORS Issue some of the time
          gregor

          Hello Rod,

           

          I don't believe this issue is caused by PI Web API Client library nor PI Web API itself but because your question is the first time we see this error, let's collect some basic information.

           

          • What is the PI Web API version?
          • Is your application server also hosting PI Web API or is PI Web API installed on a remote host?
          • Do you observe this behavior locally on your application server and / or with remote clients?
          • Can you share your PI Web API settings?
          • Can you share a code snippet which allows to reproduce the issue?
          • Do you see any additional information in the PI Web API logs (Admin, Analytic, Debug)?
          • Is there a http response code returned with the error? If so, which one?
          • Any idea what's causing the redirect? Where is the redirect going and is this an https or http resource?

           

          Besides checking our internal databases, I also did a brief internet research which appears to be more promising. With the few details there's a wide range of possible reasons.

          1 of 1 people found this helpful
            • Re: CORS Issue some of the time
              rodp

              Thanks Gregor, you're probably right in saying that its not an issue with the PI Web API, but hopefully some discussion and exposure could highlight the issue.

               

              To answer your questions:

              • What is the PI Web API version?

              Its the latest version - 2017 R2

               

              • Is your application server also hosting PI Web API or is PI Web API installed on a remote host?

              PI Web API is installed on a remote host. The application is an angula-cli app using Angular5

               

              • Do you observe this behavior locally on your application server and / or with remote clients?

              This may be worth looking into further. I have the application running on a remote dev server, and accessing it from the browser on my local machine, which is where the errors sporadically happen.

              However, if I remote into the dev server and browse to the application via http://localhost, the errors don't seem to occur.

               

              • Can you share your PI Web API settings?

              It is a test environment and have tried setting the CorsHeaders and CorsMethods to * as well

              Authentication methods include both Kerberos and Basic

              api-serttings.PNG

               

              • Can you share a code snippet which allows to reproduce the issue?

               

              this.piWebApiService.element.getElements(environment.piAfBaseElementWebId).subscribe({res:any} => {     console.log(res); })

              environment.piAfBaseElementWebId is the WebId of the base element

               

              • Do you see any additional information in the PI Web API logs (Admin, Analytic, Debug)?

              Nothing other than the config changes

               

              • Is there a http response code returned with the error? If so, which one?

              response.PNG

               

              • Any idea what's causing the redirect? Where is the redirect going and is this an https or http resource?

              Using https but with a self-signed certificate. Which I know can cause issues in chrome, but I can usually fix it by browsing to the API and "accepting to proceed"

                • Re: CORS Issue some of the time
                  gregor

                  Hello Rod,

                   

                  What if you remote into the dev server and browse the application as if you would do it from your client (using the server name instead of localhost)?

                   

                  You should be importing the self-signed certificate to the trusted root certificate store of the computer. Alternatively or even better is to replace the self-signed certificate with one which is issued by a trusted Certificate Authority (CA). This blog describes how to use a certificate from a CA within the company domain.