Origin null is not allowed by Access-Control-Allow-Origin

flaviobonates · October 21, 2021, 3:06pm

I used to build my apps on Phonegap Builder that is not working anymore.
I am using https://volt.build/ to build and generate .ipa (Apple) and .apk (Android).
My webserver is GlassFish 3.2.
My .apk (Android) is working fine. The problem is .ipa. I have tried a lot of things… really… but after I build .ipa (Apple) and try to login, it is showing the message below:

Origin null is not allowed by Access-Control-Allow-Origin.
XMLHttpRequest cannot load http://exames.ceus.med.br:8082/CEUSServerv0-0-1/rest/pacientews/postnovocadastro due to access control checks.
exames.ceus.med.br:8082/CEUSServerv0-0-1/rest/pacientews/postnovocadastro:1
POST http://exames.ceus.med.br:8082/CEUSServerv0-0-1/rest/pacientews/postnovocadastro Origin null is not allowed by Access-Control-Allow-Origin.

Origin null is not allowed by Access-Control-Allow-Origin.
XMLHttpRequest cannot load http://exames.ceus.med.br:8082/CEUSServerv0-0-1/rest/acessows/getinformacoesacesso due to access control checks.
exames.ceus.med.br:8082/CEUSServerv0-0-1/rest/acessows/getinformacoesacesso:1
POST http://exames.ceus.med.br:8082/CEUSServerv0-0-1/rest/acessows/getinformacoesacesso Origin null is not allowed by Access-Control-Allow-Origin.

ghenne · October 22, 2021, 3:07pm

Apple has new security requirements since your PhoneGap days. Apps now have to follow access control rules.

Did you try the suggestions in Tips for PhoneGap Users about iOS?

flaviobonates · November 3, 2021, 9:25pm

Yes, I have tried all the suggestions.

flaviobonates · November 3, 2021, 9:27pm

I also tried to use this plugin “cordova-plugin-wkwebviewxhrfix” but I get this error on processing: UserError: fatal error: ‘CDVWKWebViewEngine.h’ file not found.

Tinamore · November 4, 2021, 2:35am

Hi,
I also got the same error CORS with IOS and fixed it successfully
I use nginx as proxy reserve in front of the backend and add CORS header

if ($request_method ~* "(GET|POST)") {
		  add_header "Access-Control-Allow-Origin"  *;
		}

		# Preflighted requests
		if ($request_method = OPTIONS ) {
		  add_header "Access-Control-Allow-Origin"  *;
		  add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS, HEAD";
		  add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
		  return 200;
		}

The other CORS header will fail

Hope this helps you

flaviobonates · November 4, 2021, 11:45am

Hi, this plugin solve my problem:

flaviobonates · November 4, 2021, 11:45am

This: @ahovakimyan/cordova-plugin-wkwebviewxhrfix