CORS error on image fetch request

  • Orfeas Bousoulas

    (@orfibous)


    1 month ago

    Hello,

    we have a missing CORS header error from the Crop Thumbnails plugin in one of our clients site. The problem started after we made some infrastructure changes and split the site to two servers.
    The server configuration has two servers both Ngnix. One server listens to http://www.example.com while the other listens to custom.example.com . The custom prefix serves authors, while www serves all non-logged users. Both servers replicate the site and have synced databases.

    When an author tries to crop an image using the plugin from the media gallery (either list or grid view), the modal loads, the different sizes of the image load on the left side of the modal, but the RAW image on the right side stays loading and the request that fetches the image resource produces a missing CORS error and has status 200. The stack trace on the request is as follows:

    B1/< wp-content/plugins/crop-thumbnails/app/main.js:70:30428 B1 wp-content/plugins/crop-thumbnails/app/main.js:70:29569 onChangeImage/i< wp-content/plugins/crop-thumbnails/app/main.js:71:28328 onChangeImage wp-content/plugins/crop-thumbnails/app/main.js:71:28302 mounted wp-content/plugins/crop-thumbnails/app/main.js:71:17161 mi/
    wp-content/plugins/crop-thumbnails/app/main.js:13:15956
    dispatch
    wp-content/plugins/crop-thumbnails/app/main.js:10:40223
    add/Pe.handle
    wp-content/plugins/crop-thumbnails/app/main.js:10:38158
    (async: EventListener.handleEvent) add
    wp-content/plugins/crop-thumbnails/app/main.js:10:38638
    Ya/< wp-content/plugins/crop-thumbnails/app/main.js:10:37785 each wp-content/plugins/crop-thumbnails/app/main.js:10:2799 each wp-content/plugins/crop-thumbnails/app/main.js:10:1275 Ya wp-content/plugins/crop-thumbnails/app/main.js:10:37761 on wp-content/plugins/crop-thumbnails/app/main.js:10:45181
    wp-content/plugins/crop-thumbnails/app/main.js:13:15707
    Pe
    wp-content/plugins/crop-thumbnails/app/main.js:10:27620
    Deferred/then/k/</xt<
    wp-content/plugins/crop-thumbnails/app/main.js:10:27954
    (async: setTimeout handler) Deferred/then/k/<
    wp-content/plugins/crop-thumbnails/app/main.js:10:28223
    E
    wp-content/plugins/crop-thumbnails/app/main.js:10:25677
    fireWith
    wp-content/plugins/crop-thumbnails/app/main.js:10:26442
    fire
    wp-content/plugins/crop-thumbnails/app/main.js:10:26478
    E
    wp-content/plugins/crop-thumbnails/app/main.js:10:25677
    fireWith
    wp-content/plugins/crop-thumbnails/app/main.js:10:26442
    ready
    wp-content/plugins/crop-thumbnails/app/main.js:10:29628

    It seems that the request although generated by custom.example.com it has its origin set as http://www.example.com .
    We even tried adding access-control-allow: * header via Ngnix, but while all other requests get this header, the specific request that fetches the image does not.
    We have really run out of ideas how to solve this and would appreciate any help! Thank you for your time!

Viewing 1 replies (of 1 total)
  • Plugin Author Volkmar Kantor

    (@volkmar-kantor)

    1 month ago

    There is an ajax request wich gets the needed image-sizes. An request is always generated from the client side, have a look to what server the request is targeted and add the access-control-allow header there.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.