Cors blocks Discovery URL

Hi, my application adds “Origin: http://localhost:8000” header to the discovery url GET request that causes Forgerock return CORS Error. It happens even when global CORS Filter is disabled. I’ve tried adding redirecti url to localhost, couldn’t find any ‘web origins’ place.
How can I set forgerock to ignore/accept this header?

Thanks in advance

Btw. I’m using angular-oauth2-oidc library for connection

Hi @tapselo

Most browsers don’t play nice with localhost and CORS. Are you able to either edit your hosts file to give an alias (e.g. to use instead of localhost? I also believe most browsers have an argument that can be used when starting them to disable CORS checks, however you’d want to only use that as a last resort.

1 Like

Unfortunately, neither changing the hosts file, nor starting-flags in Chrome, nor primitive tests with changing the header in Postman have any effect.

I guess the problem was with configuration of Tomcat running forgerock inside. New forgerock installation by brand new .war solved the problem.

1 Like