CORS Problem

[flyfishtom]

Hi, I am having a problem with CORS. When I test my server URL I get success. http://www.test-cors.org/#?client_method=GET&client_credentials=false&server_url=http%3A%2F%2F52.1.183.40&server_enable=true&server_status=200&server_credentials=false&server_tabs=remote

 

 When I test past the server URL I get fail.  http://www.test-cors.org/#?client_method=GET&client_credentials=false&server_url=http%3A%2F%2F52.1.183.40%2Fadserver%2Fwww%2Fdelivery%2Fasyncjs.php&server_enable=true&server_status=200&server_credentials=false&server_tabs=remote

 

http://www.test-cors.org/#?client_method=GET&client_credentials=false&server_url=http%3A%2F%2F52.1.183.40%2Fadserver&server_enable=true&server_status=200&server_credentials=false&server_tabs=remote

Does the adserver have any unique cors settings?

 

Tom

 

[flyfishtom]

Has anyone seen this error before? Is there a setting in Revive Adserver to fix this? It seems to be coming from revive code.

XMLHttpRequest cannot load http://52.1.183.40/adserver/www/delivery/fc.php?script=bannerTypeHtml:vastI…3D3&nz=1&source=&r=R0.05822725687175989&block=1&format=vast3&charset=UTF-8. A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true. Origin 'http://www.megabitllc.com' is therefore not allowed access. The credentials mode of an XMLHttpRequest is controlled by the withCredentials attribute.

 

[andrewatfornax]

Hi @flyfishtom,

I don't think there are any settings in Revive Adserver to fix this, but it is potentially a bug. I've just dropped an email to one of the other developers who knows more about this than me, to see if it is...

[andrewatfornax]

Hi @flyfishtom,

This definitely looks like a bug to me - but my colleague has pointed out the &format=vast3 part of the URL. This isn't something that Revive Adserver does - so, I am assuming you are running a 3rd party plugin or have applied a patch?

[flyfishtom]

Sorry for the delay. Yes it's a third party vast 3.0 plugin. I'll follow up with the developer. Thanks for looking at it.

 

Tom

 

[flyfishtom]

Andrew id the Revive server setting credentials to true, possibly for setting a cookie ?

Also, nowhere on my Apache Revive server or my Apache web server am I setting Access-Control-Allow-Origin to "*" so I'm curious if Revive is doing this.

As a result of this I am not able to get Banner Delivery Capping to work. I can enter the caps in the UI but the ads don't play once I set the caps. I think the cookies aren't working. When I set the Campaign to "Show capped ads if cookies are disabled " the ad plays but it doesn't use the caps I set, it plays every time.

Tom

 

https://github.com/whatwg/fetch/issues/251

 

 

 

.

Edited January 5, 2017 by flyfishtom

[andrewatfornax]

Hi @flyfishtom,

I'd have to dig to find out if Revive Adserver is doing this - but does it work when you are not using the 3rd party plugin?

If so, then that would narrow down the setting of the headers to the plugin.

[firstimpression]

As a temp walkaround: if you use nginx as frontend you can add headers in nginx host config.