[GUACAMOLE-1839] JSON auth should set 'Access-Control-Allow-Origin = *' - ASF JIRA

Voters

Watch issue

Watchers

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Invalid
Affects Version/s: 1.5.2
Fix Version/s: None
Component/s: guacamole-auth-json
Labels:
None

Description

Setup:

Guacamole/guacd: 1.5.2, Docker versions
Browser: Chrome & Firefox (latest)

I'm trying to use the JSON auth and running into a problem where after doing the POST to '<guacamole>/api/tokens' the response (that contains the required login token) is getting blocked due to CORS. Everything works fine otherwise, I can even see the log entry in Guacamole that the login was successful. But the browser is blocking the response due to CORS.

I've got a javascript app (Vue if it matters) running in the browser making the POST call.

What I think should happen (and admitting I'm not an expert in CORS) is that the response to the POST call should set the 'Access-Control-Allow-Origin = *' header in the response to allow the browser to let my app see the response.

I've tried a few simple tests, like using Chrome plugins to either 1) disable CORS checks or 2) set the 'Access-Control-Allow-Origin = *' header in the POST response, and both "fix" the problem.

Attachments

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Unassigned

Reporter:: Kevin Rise

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 31/Jul/23 14:15

Updated:: 31/Jul/23 16:00

Resolved:: 31/Jul/23 16:00

Agile

View on Board

JSON auth should set 'Access-Control-Allow-Origin = *'