Whenever you visit this URL in Safari https://nvm.samengroen.com/plan/basic/497 and look in the console there are errors regarding
access control checks.
The strange part is, when I have the Developer Tool open and reload the page it works fine.
Can someone clarify why it does work with Developer Tools opened. And what may be causing this issue.
This project consists of an
Angular frontend (nvm.samengroen.com) and an
Symfony backend (broker-api.samengroen.com). They both are on the same wildcard SSL certificate, which I’ve found might be the answer, but logging in and viewing other pages which get data from the API works without any problem.
We also tried this in the
.env file, without any result:
###> nelmio/cors-bundle ### CORS_ALLOW_ORIGIN=^https?://.*?$ ###< nelmio/cors-bundle ###
My findings so far:
I’ve been googling around for a solution but can’t find a definitive answer.
google tells me this would probably be because of a combination of
- HTTP/2 capable browsers
- multiple domain certificate (probably a wildcard cert)
- at some point apache wants to renegotiate the TLS which is not supported in the client implementation of http/2
Your server needs to reply to the OPTIONS http method. Not only to GET/POST/PUT/DELETE. Safari silently requests this hidden in the background. You can discover this with a MITM-attack on the connection
Source: Symfony Questions
Was this helpful?
0 / 0