• State Not Answered
  • +1 person also asked this people also asked this
  • Replies 3 replies
  • Subscribers 15 subscribers
  • Views 1748 views
  • Users 0 members are here
Options
Related

Enabling Remote Access Breaks Local Network Access

JMJEngineeringConsulting
オフライン

I've enabled remote access to my Aras server, mostly using tips from this post:
https://www.aras.com/community/f/community/38174/accessing-aras-innovator-instance-outside-the-network-using-ngrok-tunneling/10125

Unfortunately, the addition of the "Content-Security-Policy == upgrade-insecure-requests" HTTP Response Header, which enabled the remote access to work (using Cloudflare tunnel), also seems to have broken local access. If I delete that HTTP Response Header, local access works, but then remote access gets the 'CORS policies' error message.

Any ideas on how to resolve?

Parents Reply Children
  • 0 オフライン in reply to AngelaIp

    Hi Angela,

    Sorry for the delay. This is not my area of expertise, having never configured a distributed Aras instance. I took a quick look at some resources and found the following guidelines for avoiding the CORS policies issues.

    There are a couple of basic causes that should be reviewed:

    1. Ensure you are able to reach the OAuthServer and it is running
      1. A good test for this is to navigate to http://{servername}/{applicationname}/OAuthServer/.well-known/openid-configuration
      2. If you are able to reach this url the OAuthServer component is running and accessible from the machine
    2. Confirm that the OAuthDiscovery URL inside the InnovatorServerConfig.xml is correct
      1. You can pull out the url and use point #1's end point to confirm it is accessable
    3. If this is a distributed environment, confirm that every server is listed in <allowedCorsOrigins> of the OAuthServer/OAuth.config file
      1. A good way to cover all the bases is to ensure that the server name, fully qualified domain name, and IP address for each server is included.

    The third tip might be helpful for people facing this issue. I've also reached out internally to see if I can get any clarification on this error.

    AJ

  • 0 in reply to AJ Sebastian

    Hi AJ,

    thanks again for your help! 

    this wasn't even my thread, I just captured it like a pirate.Smile

    I hope it helps the original author as well. I've seen these kind of CORS error here and there. Sometimes it was actually just a matter of missing SSL settings, but sometimes I couldn't explain it. I'll try your tips next time I work on it. 

    Best regards!

    Angela

Copyright © 2025 Aras. All rights reserved.