Error after Wrap android blocked by CORS policy

book

Article ID: 206303

calendar_today

Updated On:

Products

CA App Experience Analytics

Issue/Introduction

After Wrap an internet mobile application, we can see several times:

"access to XMLHttpRequest at 'https://www.google-analytics.com/j/collect?v=1&dl=http%3A%2F%2Fstaticx%2Fpages%2FSplashCache.html%3FisApp%33Dtrue&ul=es-us has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controleed by the withCredentials attribute" 

 

 

Cause

 CORS preflight requests are triggered due to our SDK adding custom APM headers to every XMLHttpRequests. 

Environment

Release : 20.2

Component : APP EXPERIENCE ANALYTICS ENGINE

Resolution

Temp Solution: 
 Add a CORS ignore url list, to our interceptor file and avoid injecting APM headers to requests to those urls. We can add analytics URL to the ignore list.


Long term solution (potential) :
 We do not add headers when the credential more of XmlHttpRequest is included. This could mean that, if this is a global setting APM tracking will be disabled completely. 

A debug SDK can be provided, please contact https://support.broadcom.com/ and refer to this knowledge article in order to get the fix.

 

Attachments