Blocked by CORS policy

Openfire Plugins
1

I am using angular and i am trying to connect with openfire, The connection established successfully, When i try to call get user using httpclient in angular. I got Cors error as below

Access to XMLHttpRequest at ‘http://127.0.0.1:9090/plugins/restapi/v1/users’ from origin ‘http://localhost:4200’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: Redirect is not allowed for a preflight request.

I enabled Cors in Web binding Settings and yet it is not working

image
image785×188 4.66 KB

2

Hmm, I would expect that to work. Maybe you have found a bug? Something similar was raised in the past, but we never got more details on that (see Create a system property endpoint does not support CORS · Issue #61 · igniterealtime/openfire-restAPI-plugin · GitHub ).

As an aside: I’m not sure why you’re writing an Angular-based integration with the REST API, but given that you’re using Angular, the chances are high that you’re writing an end-user client. Please be aware that you should not use the REST API in a chat client. The REST API offers administrative functionality. If that is exposed to all clients, you have a security issue.