Custom CEP Panel - xhr POST request blocked due to "Origin: file://" request header

Community Beginner ,
Jan 20, 2021

Copy link to clipboard

Copied

Hello,

I've been running a custom CEP/ESTK panel for a couple years and decided to integrate REST data from our ticket tracking software into the panel for convenience and automation.  I can send "GET" XMLHttpRequests and receive responses, but I cannot make successful "POST" requests because the header "Origin: file://" is added automatically, which confuses the server and I get the 500 error "Expected authority at index 7: file://".

 

There seems to be the possibility of patching the server but it could take months to get the right people from IT to hear me out on that, and the answer will probably just be "no".

 

Any ideas on how to work around this issue, or is it just built into Premire's implementation of Chrome (74.0.3729.157, I believe).  I'm using Premiere Pro 14.7.0 (Build 23).

 

Many thanks!  These forums have been invaluable over the years.

TOPICS
SDK

Views

54

Likes

Translate

Translate

Report

Report
Reply
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

1 Correct Answer

Community Beginner , Jan 21, 2021
Jason_K_ Community Beginner , Jan 21, 2021
I can't seem to delete this post, so I'll note that further research indicates that this is in fact controlled directly by the browser and the header can't be overwritten or removed.  I understand that it's a cross origin security feature, but I believe this particular server is set up to allow access (again, I can GET data), but the "file://" origin would probably have to be specifically allowed on the server side.  

Likes

Translate

Translate
Jump to answer Jump to answer
Community Beginner ,
Jan 21, 2021

Copy link to clipboard

Copied

I can't seem to delete this post, so I'll note that further research indicates that this is in fact controlled directly by the browser and the header can't be overwritten or removed.  I understand that it's a cross origin security feature, but I believe this particular server is set up to allow access (again, I can GET data), but the "file://" origin would probably have to be specifically allowed on the server side.  

Likes

Translate

Translate

Report

Report
Reply
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more