Chrome DevTools shows CORS error on console log #17
Description
Overview
I noticed Chrome DevTools shows CORS error (and small JS error) on console log when I open the top page. I guess, it wouldn't affect to our application, but I'm glad if there's some good way not to show this CORS error. If it doesn't happen in your environment, it should be from my environment or my Chrome version.
Chrome DevTools may be too kind?
Access to top page with not-logged-in user
XMLHttpRequest cannot load http://localhost:8181/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8787/login&response_type=code&state=vGqfBw. Redirect from 'http://localhost:8181/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8787/login&response_type=code&state=vGqfBw' to 'http://localhost:8181/uaa/login' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8787' is therefore not allowed access.
( The second error on the picture is just saying that controller.js:193 scope should be $scope. )
flow
Call for /api/user/uaa/v1/me here with not-logged-in status:
is redirected to login
302 Location:http://localhost:8787/login
then to authorize
Location:http://localhost:8181/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8787/login&response_type=code&state=vGqfBw
I'm not sure but these redirects causes CORS error in console log. But I guess these redirects and CORS error doesn't affect our app because we just want to know whether the user is logged in or not?
Logout
The same error is shown when I click logout link with logged-in status.
logout link returns 302 and Location:http://localhost:8787/login?logout then authorize
My environment
I run apps on my local environment (not docker, but from eclipse because of my laptop's poor memory)
I run following services:
- discovery-service
- edge-service
- user-service
- inventory-service
- catalog-service
- online-store-web
I don't run config-service because I would like to modify properties locally so that I can run apps from Eclipse. (Actually I don't need catalog and inventory services when I just reproduce this issue if I don't care 500 error for catalog-service call).
I made some modifications of configurations so that I can run them in my laptop local.
bufferings/spring-cloud-event-sourcing-example@60d4869
My Chrome version
'Version 54.0.2840.71 (64-bit)' for Mac. and I use Incognito Mode to check the app.
Small things
scope
controller.js:193 scope should be $scope
angular.js:9383 ReferenceError: scope is not defined
at controller.js:193
at angular.js:7560
at wrappedErrback (angular.js:10914)
at wrappedErrback (angular.js:10914)
at angular.js:11040
at Scope.$eval (angular.js:11906)
at Scope.$digest (angular.js:11734)
at Scope.$apply (angular.js:12012)
at done (angular.js:7818)
at completeRequest (angular.js:7991)
favicon access
Login page and authorize page show favicon 401 error.
favicon.ico:1 GET http://localhost:8181/uaa/favicon.ico 401 (Unauthorized)
rootScope
It shows '$rootScope is not defined' error when I click logout link.
angular.js:9383 ReferenceError: $rootScope is not defined
at controller.js:174
at angular.js:7560
at wrappedErrback (angular.js:10914)
at wrappedErrback (angular.js:10914)
at angular.js:11040
at Scope.$eval (angular.js:11906)
at Scope.$digest (angular.js:11734)
at Scope.$apply (angular.js:12012)
at done (angular.js:7818)
at completeRequest (angular.js:7991)