Forum Discussion
NimbostratusA site published via the Portal does not work correctly. Cross origin object access
Hello all,
i'm new to the f5 product and don't have much experience in reverse proxy.
We have currently an issue where a site we published through the f5 portal does not word correctly.
In this site we can browse pdf related to the client. When we visualize the first pdf it is ok, but when we are visualizing the next one it doesn't work.
The site use pdf.js to visualize the pdf. The issue appears only in firefox, it seems he is more restrictive than other browser.
When debugging in firefox there's an error, as you can see in the screenshot: "SecurityError: Permission denied to access property "F5_IsScopeChain" on cross-origin object".
The developper think that the problem come from a cross-origin object access, he told us we could try to:
Add a header in each page server response with Access-Control-Allow-Origin and the value *
Or add in each page a html tag <meta http-equiv="Access-Control-Allow-Origin" content="*">
I've looked how to do that, in Security > Application Security > Url in the tab "HTML5 Cross-Domain Request Enforcement" but without success.
I've search in the f5 documentation, but it is not easy to take in hands, and it lacks some real world example.
What is the best way to achieve that?
Kind regards
Geoffrey
ukanoldaithank you for your answer,
we have tried to implement an iRule with this code, but it has no effect and we d'ont see it in the page html source code.
when HTTP_RESPONSE {
HTTP::header insert "Access-Control-Allow-Origin" "*"
}
Should it be visible in it? we see in the statistic that the iRule is executed
You should be able to see the response headers in developer mode (F12). See example below.
