Forum Stats

  • 3,836,791 Users
  • 2,262,191 Discussions
  • 7,900,111 Comments

Discussions

The request cannot be processed because this resource does not support Cross Origin Sharing requests

Mary Bagir
Mary Bagir Member Posts: 148 Blue Ribbon

Hi Guys,

I have oracle database 12.2, apex 18.2, weblogic 12.2.1.3, ords 18.2.; F5 https

ords deployed on weblogic.(http)

Users don't  have any problems running apex applications https://<loadbalance>/... using EI11.

Users don't have problems see login page   https://<loadbalance>/... using Google Chrome, but after login they see error: 403

The request cannot be processed because this resource does not support Cross Origin Sharing requests, or the request Origin is not authorized to access this resource. If ords is being reverse proxied ensure the front end server is propagating the host name, for mod_proxy ensure ProxyPreserveHost is set to On

How can fix it?

Thanks Mary

thatJeffSmith-Oracle

Answers

  • thatJeffSmith-Oracle
    thatJeffSmith-Oracle Distinguished Product Manager Posts: 8,682 Employee
    edited Mar 31, 2020 12:05PM

    you need to tell your f5 load balancer to carry over the https to weblogic, otherwise https => http = CORS violation

  • Mary Bagir
    Mary Bagir Member Posts: 148 Blue Ribbon
    edited Mar 31, 2020 1:28PM

    Can be more specific? we did steps from  article 1923417.1

    Thanks mary

  • thatJeffSmith-Oracle
    thatJeffSmith-Oracle Distinguished Product Manager Posts: 8,682 Employee
    edited Mar 31, 2020 4:28PM

    your load balancer should have a 'X-Forwarded-Proto' to maintain the HTTPS

  • Mary Bagir
    Mary Bagir Member Posts: 148 Blue Ribbon
    edited Apr 1, 2020 10:42AM

    Hi Jeff,

    The network team applied setting according article https://support.f5.com/csp/article/K43444200 and we still have the same problems.

    Do I need apply some changes weblogic, ORDS parameters?

    Thanks Mary

  • thatJeffSmith-Oracle
    thatJeffSmith-Oracle Distinguished Product Manager Posts: 8,682 Employee
    edited Apr 1, 2020 12:10PM

    it might help to record a HAR

  • Mary Bagir
    Mary Bagir Member Posts: 148 Blue Ribbon
    edited Apr 3, 2020 11:59AM

    Hi Jeff,

    sorry for delayed answer.

    -------------------------------------

    {

      "log": {

        "version": "1.2",

        "creator": {

          "name": "WebInspector",

          "version": "537.36"

        },

        "pages": [

          {

            "startedDateTime": "2020-04-03T15:41:58.562Z",

            "id": "page_1",

            "title": "https://apex-dev.corp.kbr.com/ords/wwv_flow.accept",

            "pageTimings": {

              "onContentLoad": 972.7739999943879,

              "onLoad": 969.6079999848735

            }

          }

        ],

        "entries": [

          {

            "startedDateTime": "2020-04-03T15:41:58.560Z",

            "time": 962.7359999835435,

            "request": {

              "method": "POST",

              "url": "https://apex-dev.corp.kbr.com/ords/wwv_flow.accept",

              "httpVersion": "HTTP/1.1",

              "headers": [

                {

                  "name": "Host",

                  "value": "apex-dev.corp.kbr.com"

                },

                {

                  "name": "Connection",

                  "value": "keep-alive"

                },

                {

                  "name": "Content-Length",

                  "value": "1068"

                },

                {

                  "name": "Cache-Control",

                  "value": "max-age=0"

                },

                {

                  "name": "Upgrade-Insecure-Requests",

                  "value": "1"

                },

                {

                  "name": "User-Agent",

                  "value": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"

                },

                {

                  "name": "Sec-Fetch-Dest",

                  "value": "document"

                },

                {

                  "name": "Origin",

                  "value": "https://apex-dev.corp.kbr.com"

                },

                {

                  "name": "Content-Type",

                  "value": "application/x-www-form-urlencoded"

                },

                {

                  "name": "Accept",

                  "value": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"

                },

                {

                  "name": "Sec-Fetch-Site",

                  "value": "same-origin"

                },

                {

                  "name": "Sec-Fetch-Mode",

                  "value": "navigate"

                },

                {

                  "name": "Sec-Fetch-User",

                  "value": "?1"

                },

                {

                  "name": "Referer",

                  "value": "https://apex-dev.corp.kbr.com/ords/f?p=4550:1:10485101404634:::::"

                },

                {

                  "name": "Accept-Encoding",

                  "value": "gzip, deflate, br"

                },

                {

                  "name": "Accept-Language",

                  "value": "en-US,en;q=0.9"

                },

                {

                  "name": "Cookie",

                  "value": "ORA_WWV_USER_69422605402209=ORA_WWV-GrHsxikD5daZ8I8dr6HtFEpu"

                }

              ],

              "queryString": [],

              "cookies": [

                {

                  "name": "ORA_WWV_USER_69422605402209",

                  "value": "ORA_WWV-GrHsxikD5daZ8I8dr6HtFEpu",

                  "expires": null,

                  "httpOnly": false,

                  "secure": false

                }

              ],

              "headersSize": 835,

              "bodySize": 1068,

              "postData": {

                "mimeType": "application/x-www-form-urlencoded",

                "text": "p_json=%7B%22salt%22%3A%228064350519529666769521703477512172601%22%2C%22pageItems%22%3A%7B%22itemsToSubmit%22%3A%5B%7B%22n%22%3A%22P1_RESET_PASSWORD_LABEL%22%2C%22v%22%3A%22Reset+Password%22%2C%22ck%22%3A%22qpXq-87M8zvsrjuGcuF-bnY3OxS7KMrdWq6hcYHZ8P5ECPbyUnY8Ayzbc_q8qjcw5sRTzfHJUKwGJHHssohQCQ%22%7D%2C%7B%22n%22%3A%22F4550_P1_COMPANY%22%2C%22v%22%3A%22sqs_corporate%22%7D%2C%7B%22n%22%3A%22F4550_P1_USERNAME%22%2C%22v%22%3A%22hbaz251%22%7D%2C%7B%22n%22%3A%22F4550_P1_PASSWORD%22%2C%22v%22%3A%22html251%22%7D%2C%7B%22n%22%3A%22F4550_P1_REMEMBER%22%2C%22v%22%3A%5B%5D%7D%2C%7B%22n%22%3A%22P1_NEXT_APP%22%2C%22v%22%3A%22%22%7D%2C%7B%22n%22%3A%22P1_NEXT_PAGE%22%2C%22v%22%3A%22%22%7D%2C%7B%22n%22%3A%22P1_NEXT_ITEMS%22%2C%22v%22%3A%22%22%7D%2C%7B%22n%22%3A%22P1_NEXT_VALUES%22%2C%22v%22%3A%22%22%7D%5D%2C%22protected%22%3A%22hJS0me2Zgjs_j-d_cAvB1uNkSqj3FSiNozltFi4nvos%22%2C%22rowVersion%22%3A%22%22%7D%7D&p_flow_id=4550&p_flow_step_id=1&p_instance=10485101404634&p_page_submission_id=8064350519529666769521703477512172601&p_request=F4550_P1_PASSWORD&p_reload_on_submit=A",

                "params": [

                  {

                    "name": "p_json",

                    "value": "%7B%22salt%22%3A%228064350519529666769521703477512172601%22%2C%22pageItems%22%3A%7B%22itemsToSubmit%22%3A%5B%7B%22n%22%3A%22P1_RESET_PASSWORD_LABEL%22%2C%22v%22%3A%22Reset+Password%22%2C%22ck%22%3A%22qpXq-87M8zvsrjuGcuF-bnY3OxS7KMrdWq6hcYHZ8P5ECPbyUnY8Ayzbc_q8qjcw5sRTzfHJUKwGJHHssohQCQ%22%7D%2C%7B%22n%22%3A%22F4550_P1_COMPANY%22%2C%22v%22%3A%22sqs_corporate%22%7D%2C%7B%22n%22%3A%22F4550_P1_USERNAME%22%2C%22v%22%3A%22hbaz251%22%7D%2C%7B%22n%22%3A%22F4550_P1_PASSWORD%22%2C%22v%22%3A%22html251%22%7D%2C%7B%22n%22%3A%22F4550_P1_REMEMBER%22%2C%22v%22%3A%5B%5D%7D%2C%7B%22n%22%3A%22P1_NEXT_APP%22%2C%22v%22%3A%22%22%7D%2C%7B%22n%22%3A%22P1_NEXT_PAGE%22%2C%22v%22%3A%22%22%7D%2C%7B%22n%22%3A%22P1_NEXT_ITEMS%22%2C%22v%22%3A%22%22%7D%2C%7B%22n%22%3A%22P1_NEXT_VALUES%22%2C%22v%22%3A%22%22%7D%5D%2C%22protected%22%3A%22hJS0me2Zgjs_j-d_cAvB1uNkSqj3FSiNozltFi4nvos%22%2C%22rowVersion%22%3A%22%22%7D%7D"

                  },

                  {

                    "name": "p_flow_id",

                    "value": "4550"

                  },

                  {

                    "name": "p_flow_step_id",

                    "value": "1"

                  },

                  {

                    "name": "p_instance",

                    "value": "10485101404634"

                  },

                  {

                    "name": "p_page_submission_id",

                    "value": "8064350519529666769521703477512172601"

                  },

                  {

                    "name": "p_request",

                    "value": "F4550_P1_PASSWORD"

                  },

                  {

                    "name": "p_reload_on_submit",

                    "value": "A"

                  }

                ]

              }

            },

            "response": {

              "status": 403,

              "statusText": "Forbidden",

              "httpVersion": "HTTP/1.1",

              "headers": [

                {

                  "name": "Date",

                  "value": "Fri, 03 Apr 2020 15:41:59 GMT"

                },

                {

                  "name": "Content-Length",

                  "value": "13294"

                },

                {

                  "name": "Content-Type",

                  "value": "text/html"

                },

                {

                  "name": "Access-Control-Allow-Credentials",

                  "value": "true"

                },

                {

                  "name": "Access-Control-Expose-Headers",

                  "value": "Error-Reason, Content-Type, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Credentials, Vary"

                },

                {

                  "name": "X-ORACLE-DMS-RID",

                  "value": "0"

                },

                {

                  "name": "X-ORACLE-DMS-ECID",

                  "value": "1c8dedd4-cb5e-4e90-8e80-2e64c609fb0b-00032d9e"

                },

                {

                  "name": "Access-Control-Allow-Origin",

                  "value": "https://apex-dev.corp.kbr.com"

                },

                {

                  "name": "Vary",

                  "value": "Origin"

                },

                {

                  "name": "Error-Reason",

                  "value": "error=\"Origin\"; error_description*=UTF-8''The%20request%20cannot%20be%20processed%20because%20this%20resource%20does%20not%20support%20Cross%20Origin%20Sharing%20requests%2c%20or%20the%20request%20Origin%20is%20not%20authorized%20to%20access%20this%20resource.%20If%20ords%20is%20being%20reverse%20proxied%20ensure%20the%20front%20end%20server%20is%20propagating%20the%20host%20name%2c%20for%20mod_proxy%20ensure%20ProxyPreserveHost%20is%20set%20to%20On"

                }

              ],

              "cookies": [],

              "content": {

                "size": 13294,

                "mimeType": "text/html",

                "compression": 0,

                "text": "<!DOCTYPE html>\n<html>\n<style type=\"text/css\" media=\"screen\">\nfooter,header{display:block;}\nhtml{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%;}\nbody{margin:0;}\nh1{font-size:2em;margin:0.67em 0;}\npre{font-family:monospace, serif;font-size:1em;}\npre{white-space:pre-wrap;}\nimg{border:0;}\nhtml{font-family:-apple-system,BlinkMacSystemFont,\"Segoe UI\",\"Helvetica Neue\",Arial,sans-serif;font-size:0.875em;}\nbody{background-color:#f9fafa;color:#333;}\na{color:#045fab;line-height:inherit;text-decoration:none;}\na:visited{color:#045fab;}\na:hover,a:focus{text-decoration:underline;}\na:active{color:#034379;font-weight:normal;border-radius:1px;}\nh1,h3{color:#252525;font-family:inherit;font-style:normal;font-weight:normal;margin:8px 0;padding:0 0 2px;}\nh1{font-size:2.429rem;font-weight:200;}\nh3{font-size:1.429rem;font-weight:300;}\nul{margin:12px 0;padding-left:40px;}\nul li{line-height:1.25;}\n.oj-text-sm{font-size:0.857rem;}\n.oj-text-secondary-color{color:#4d4d4d;}\n.oj-margin{margin:10px;}\n.oj-panel{border:1px solid #d6dfe6;background-color:#fff;border-radius:1px;box-sizing:border-box;overflow:hidden;padding:0.8571rem;position:relative;}\n.oj-panel-alt4{background-color:#ffe4e1;border-color:#ffcdc8;}\n.oj-flex-bar{position:relative;}\n.oj-flex-bar,.oj-flex-bar-middle,.oj-flex-bar-end{box-sizing:border-box;display:-webkit-flex;display:flex;}\n.oj-flex-bar-middle{-webkit-flex:auto;flex:auto;}\nhtml:not([dir=\"rtl\"]) .oj-flex-bar-end{margin-left:auto;}\[email protected] print, screen{\n.oj-sm-align-items-center{-webkit-align-items:center;align-items:center;}\n}\n.oj-web-applayout-body{overflow-y:scroll;}\n.oj-web-applayout-page{display:-webkit-flex;display:flex;-webkit-flex-direction:column;flex-direction:column;box-sizing:border-box;min-height:100vh;}\[email protected] screen and (-ms-high-contrast: active), (-ms-high-contrast: none){\n.oj-web-applayout-page{height:100vh;min-height:0;}\n}\n.oj-web-applayout-max-width{margin-left:auto;margin-right:auto;width:100%;max-width:1440px;box-sizing:border-box;}\n.oj-web-applayout-header,.oj-web-applayout-footer{-webkit-flex:0 0 auto;flex:0 0 auto;}\n.oj-web-applayout-header{background-color:#f0f0f0;box-shadow:0 3px 3px rgba(0,0,0,0.1);}\n.oj-web-applayout-header>div:first-child{box-sizing:border-box;}\n.oj-web-applayout-header>div:first-child::before{content:\"\";display:inline-block;min-height:3.143rem;visibility:hidden;}\n.oj-web-applayout-header>div,.oj-web-applayout-footer>div{padding-left:20px;padding-right:20px;}\n.oj-web-applayout-header-title{font-size:1.143rem;font-weight:normal;color:#4d4d4d;line-height:0;padding:0;margin:0;}\n.oj-web-applayout-content{-webkit-flex:1 0 auto;flex:1 0 auto;padding:10px;}\n.oj-web-applayout-footer{min-height:3.571rem;box-sizing:border-box;border-top:1px solid #d9dfe3;background-color:#f0f0f0;padding-top:10px;padding-bottom:10px;}\n.oj-web-applayout-footer-item{box-sizing:border-box;display:-webkit-flex;display:flex;-webkit-flex-wrap:wrap;flex-wrap:wrap;-webkit-flex:0 1 auto;flex:0 1 auto;}\[email protected] screen and (max-width: 767px){\n.oj-web-applayout-footer-item{-webkit-justify-content:center;justify-content:center;text-align:center;}\n}\n.oj-web-applayout-footer ul{margin:0;}\nhtml:not([dir=\"rtl\"]) .oj-web-applayout-footer ul{padding-left:0;}\n.oj-web-applayout-footer li{list-style:none;display:inline-block;}\nhtml:not([dir=\"rtl\"]) .oj-web-applayout-footer li{margin-right:10px;margin-left:0;padding-right:10px;border-right:1px solid #d9dfe3;}\nhtml:not([dir=\"rtl\"]) .oj-web-applayout-footer li:last-child{margin-right:0;padding-right:0;border-right:none;}\n.traceBox{overflow-x:auto;overflow-y:auto;max-height:60vh;padding:0.8571rem!important;margin:0;}\n.panelCollapsible{border:1px solid #d6dfe6;background-color:#fff;border-radius:1px;box-sizing:border-box;overflow:hidden;position:relative;}\n.titleCollapsible{padding:0.8571rem!important;border:1px solid #d6dfe6;border-width:0 0 1px;margin:0;}\[email protected]{font-family:\"Segoe UI\";font-weight:100;src:local(\"Segoe UI Light\");}\[email protected]{font-family:\"Segoe UI\";font-weight:200;src:local(\"Segoe UI Semilight\"),local(\"Segoe UI Light\");}\[email protected]{font-family:\"Segoe UI\";font-weight:300;src:local(\"Segoe UI Semilight\"),local(\"Segoe UI Light\");}\[email protected]{font-family:\"Segoe UI\";font-weight:400;src:local(\"Segoe UI\");}\[email protected]{font-family:\"Segoe UI\";font-weight:500;src:local(\"Segoe UI Semibold\");}\[email protected]{font-family:\"Segoe UI\";font-weight:600;src:local(\"Segoe UI Semibold\");}\[email protected]{font-family:\"Segoe UI\";font-weight:700;src:local(\"Segoe UI Bold\");}\[email protected]{font-family:\"Segoe UI\";font-weight:800;src:local(\"Segoe UI Bold\");}\[email protected]{font-family:\"Segoe UI\";font-weight:900;src:local(\"Segoe UI Bold\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:100;src:local(\"HelveticaNeue-Ultralight\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:200;src:local(\"HelveticaNeue-Thin\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:300;src:local(\"HelveticaNeue-Light\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:400;src:local(\"Helvetica Neue\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:500;src:local(\"HelveticaNeue-Medium\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:600;src:local(\"HelveticaNeue-Medium\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:700;src:local(\"HelveticaNeue-Bold\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:800;src:local(\"Helvetica-Bold\");}\[email protected]{font-family:\"Helvetica Neue\";font-weight:900;src:local(\"Helvetica-Bold\");}\[email protected]{font-family:\"Arial\";font-weight:100;src:local(\"sans-serif-thin\"),local(\"Arial\");}\[email protected]{font-family:\"Arial\";font-weight:200;src:local(\"sans-serif-thin\"),local(\"Arial\");}\[email protected]{font-family:\"Arial\";font-weight:300;src:local(\"sans-serif-light\"),local(\"Arial\");}\[email protected]{font-family:\"Arial\";font-weight:400;src:local(\"sans-serif-regular\"),local(\"Arial\");}\[email protected]{font-family:\"Arial\";font-weight:500;src:local(\"sans-serif-medium\"),local(\"Arial\");}\[email protected]{font-family:\"Arial\";font-weight:600;src:local(\"sans-serif-medium\"),local(\"Arial\");}\[email protected]{font-family:\"Arial\";font-weight:700;src:local(\"sans-serif-bold\"),local(\"Arial Bold\");}\[email protected]{font-family:\"Arial\";font-weight:800;src:local(\"sans-serif-bold\"),local(\"Arial Bold\");}\[email protected]{font-family:\"Arial\";font-weight:900;src:local(\"sans-serif-bold\"),local(\"Arial Bold\");}\n\t\n\t.oj-collapsible {\n\t    margin-bottom: 0 !important;\n\t}\n\n</style>\n<head>\n\t<title>Forbidden</title>\n\t\n\t<meta charset=\"UTF-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n</head>\n\n<body class=\"oj-web-applayout-body\">\n    <div id=\"globalBody\" class=\"oj-web-applayout-page\">\n    \n      <header role=\"banner\" class=\"oj-web-applayout-header\">\n        <div class=\"oj-web-applayout-max-width oj-flex-bar oj-sm-align-items-center oj-web-applayout-content\">\n          <div class=\"oj-flex-bar-middle oj-sm-align-items-center\">\n            <a class=\"\" style=\"\" href=\"../../../\"><img style=\"height:40px;margin-right:5px;\" src=\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAYAAACqaXHeAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAACjZJREFUeNrcW2lwFMcV/npmtSDtSgIVOFQsbofDR8DBUAbMZQ6bOEGJAbtI/CN/uA3lMpAygVTioojL5TgYxGUI2BgqgRgfSAKDJIJjbhwwOIAFYaVgCEaCSKuAjj1mOq9nR9JqD+3M7KyBdNW3u6DZmX7fvPe+93p7GOccSQ3GcEdHkvNnd5AAmfAwQSGcJ6j/7wS4CIMJIwjDCEMJ2frfagmHCUcIhwgnCA33OgFddCNH6u8/IKRFzV+cIvq7AcIpnYwmYirvZgLESz/CcMIT+h3+XqzD1TCIK3sJEsGps9NOj40Y4yLhKOEz/b1MO8UdIYAxMc9BurHDdYM7xTpUCTM41vDGOr1OhjOMmBjjhk5Ek5ecJDJ8qSGAsRzdyKa7O0S/WVHurOpGG6XVa/A4Rxghzthh00j4XA+Xgxo5nFdbJ4CxSfT6jG50/1jXjHRnK8Nr8XtSBCExwobr6iK8YzeRUWCWAPGFH0carFjWqxg6+Gweqj/eBW7DCROETSERMCkekfFGeVMM+3QEbDSe5WbBsWUbMleusqceIvgJtwnVumTcjrDFEgFSigo4x9aPAbcb6XNfRLsxI1JzjZaPHisEVCB2skne9efMgjR6TLOMZm3aApYCpuUIWyx5gN2DdcuB4/U3Wk+iZ09k5q9OpQdUWFEBV1MY+WyclPPTA2CjRses6LxjR8F34KBt1/pOeBnOeb05D+C8jl6v2xkG8otzYhsfHgqy7e7/TTzjjeS4crsI0Fx/8RLwI4ehvr0eqKpq/puvsAD+jz4EVxRShfxvLf4jwiRuIhwmxZA/0QLIy5aBpaeDnz4FpehP4DVtyNTX1fDdf39LKAwcCHbffdrnhjX58O0rhVGyHQ/kwvnDn8DRsxeCnkuoX702pQTEnJRIHcGlvw6dZNpzSCs6BF5fD3XVW1AK9yTW7dra5vNyb3UrPY9X6KTPnY2MWbMRPHsWDRvWoX7V6qQSoBECDIVA8M9/AQiispM3b4F8oQyBn+Vpdz1uSHhbimDV+582z9/uyZHI2vwe1FovaqdNQeDsRTMh4ElUUtuWA5QPdyHwWH+w7j2QdsYDedSw+B4QRgCvvhZ/FeWl+ehQ+imCRGr1gIGGjI+4s+XJEFBhuiS9fBOBp0aDtW8Px54SSIMeCd2RieMhPz2uVQg0e8CNQPPnjNkztRjXPs+aAfeKlVAuXoR34tOmGq4wD/hXMgRc1UtsU0M974Hy6m/IggykfbQbzh3biYxiqKcPhbWBesYMBlsZJtw855wHWWvXwC1inJLNf3/xc1MNU5jH+nUbLBLAtcteNiuF0pBHKR6UUKbs2hXsuefBy8rArzdGeYDqbd0Q+/fsAEtLQ/rsOdo7r6yE3O8hpD3Y29rd521TZ6QCN9UUMepDpbzJkF9d1mq9kO/bG5EEa6JCIUQIOcU/vmw5rksXuJe/BsfQkVYISFjOGybAqAdwCufgkqXwd3dB/eNGzcU1w4o/iZkEeW30koi/pKTZO24vfgU3qX5o2PSOrT2AURlsTiJmq0F+gyMwfQakN5bB8doKqJ8Ut77TB/ci+KOJuBWLgD2F2nvdbxdBvZ26KtDYmiBjU+j1fbubomSXxNoaOS0rQlMoB3yQrAd4kp2Q1IcS4chxkB4bAvTuDZZL/87OBiep7CwOuHULak011MuXEfzqK/hPHEOgeJelu282BxjxgA70WmPWA7ReYcHLkKfPBPr0MW8FqYifWueGFW+icfdeq21wR/IAb3IEhKwRNW1HP4yt/goZTPugAMjNtcWl/ftLUZs3HmqdgWsTOoc+1pDxOXaogKnlMZZNcVX6N9uM1zrHseOQtb3Advc3Q4DHKAHS42PBMjNtT2zOpjVE47LmsZOACqMHq8f2A1eu2E5AoKTY1h7ALAGGiyFp8Ggoi38JfuK4PZarKhryV0G5etXWLtAsAcaLIarf5Q2boGzbiuDUZ8F3F5F8mK8geFUVGtat1RZKWVYW0ufNt70IMloHmK8FqAt0iE6OQkF59x2ory8Hy3CBPTIArEdPQg9wl0vLFQrdYZX6AV5TA4XqAOWfF6kWOAfWMQftJ09F9t5SsHbtUlIDmJFBUViJHRtyonsp+n7R+kaNujrw01+Ae8rBL5ND3b4FTv/X6HSS1zghU9Mjd+sGuW9fyP0fpBNFLw9XGtiNotcA4he9dJLBgD0eIE7E2L/pUzeWqBZQ43Sf4o4Pf0JD+HAbDQkDYSSHr2MYMN5MDjDcFmsqUFlpuwr4i/fZ2gVaJiCRE2oqsOhl8C/P2Ga8b+t7UC5cMOMBnjtGgFABac16KPkrobwwDepf94dWh8yqn9eLxi3vaiqgUrOUsXCR7QpgRgVMFUMiuzs2bgYuXYKyaSMCS1+hErkDGHWDrPcDoWWyDtRjUXZXAgFwgkqyp3WDF8oQPH0KkssNZ95PkV2wB8zlsn0hxJwKhJRAbHU7kqgrjKcCvLoa/OTfyTk94FevhJbCfI2oJ5+S3G5N9hwkj3K/fpAHDAQT6mBSBTq1eMFQSoLH7PYAYz+XxyGU5eSAjZ8AjG/9/1lGVcDvNxMC5fbnAM5Fak/YkKrHS8Fv3rRfBUpL2nbQsIqD5lqViiRoSAqlR0dCfWkeuIGsbVgFdr4P5fx5W3sAqwQk7gkosUmr10H93TIEZ80AP3bU0nZWUSX6dmyH96lxWomcsWCh7QpgNgcYlkKR4eUt28DPnYWycQP4/Dlgud3AhjwOqVcvTQVASiH6A22fobdG6wea1gSDnx/T1tScz0xC1o6dkIRipEACrRDgMeM27KGH4XhL3wZHxmm9QHk51MOHqLOoB0jr68hjWHoGpE6d4ejeHc4JE5DxqyWQsrNh0RBPKgkw3hZHDjKOCUQQaNRMUSukwgMsJcE2VeCzEq21tX1FqKjQ9iLICgEViZMXEBw/io6ssM143+4i1D4/2agMmtveJypBUwCu8VBe50FCYxsIzJ3N1TOnuZWhNjbyxsICXjNmBL9O54qHW6GfI7k+p2tm7TH/vABj0+l1iYjqZrdHaB9x3K90JVUYNRFs0GDqBXqH8oE7U1sjUEWFR/GtXP8G6pUrCJZRL3D8KBU+xVAD8d1WdAcRD1eIn/GXk1UbTZlj8YEJEXLiN0MhzoOavUknwswZvSYzthtRDyqcJPyesJOMD5o2xYZHZsbSq+hVJ4SHotGd5UYIcOp3PKw9EpMWW9HeJKMPJDV9Gx+aEpuBFhCmhc81qC/QWSEgXayvts7wohHdRvgDQg9D3JVPjX2XINawZxKaSzhFJ8MIAS7d+LD4Fr9NrieIbaTXjXSfqVOBaFWIh0zCQsLXvCVLcyVCKZqyObVvYkMvV8KOJXgI8wiuuNdJcv6pJKAJaYQXCF+EE6GKhV7CTZ0I3hrHCVMJcsLz3wMEhGMcYS9B5dFGK4RdhBGmznmPEdCE7xO2EvyEBsLbhL6WzpXk/NkdfnpcbCIQa11VSSSxu04Fvt2R5Pz/J8AAZCagClntSh0AAAAASUVORK5CYII=\" /></a>\n            <h1 class=\"oj-web-applayout-header-title\" title=\"Oracle REST Data Services\">\n\t\tOracle REST Data Services\n\t    </h1>\n          </div>\n          <div class=\"oj-flex-bar-end\">\n            <!-- Responsive Toolbar -->\n            \n          </div>\n        </div>\n      </header>\n      <div role=\"main\" class=\"oj-web-applayout-max-width oj-web-applayout-content\">\n      \n      \t\t<div class=\"oj-panel oj-margin oj-panel-alt4\">\n\t\t\t\t<h3>\n\t\t\t\t\t<span style=\"font-weight: bold;\n\t\t\t\t\t\t\t    padding-left: 0.4em;\n\t\t\t\t\t\t\t    color: #e53935;\n\t\t\t\t\t\t\t    font-size: 1.7rem;\">\n\t\t\t\t\t    403\n\t\t\t\t    </span>\n\t\t\t\t\t<span style=\"padding-left: 0.4em;\">Forbidden</span>\n\t\t\t\t</h3>\n\t\t\t</div>\n\t\t\t\n\t\t\t<div id=\"reasons\" class=\"oj-panel oj-margin\">\n\t\t\t\t<ul>\n\t\t\t\t\t<li>\n  \t<span style=\"font-size: 1.1em;\">\n\t\tThe request cannot be processed because this resource does not support Cross Origin Sharing requests, or the request Origin is not authorized to access this resource. If ords is being reverse proxied ensure the front end server is propagating the host name, for mod_proxy ensure ProxyPreserveHost is set to On\n\t</span>\n</li>\n\t\t\t\t</ul>\n\t\t\t\t\n\t        \t\n\t\t\t</div>\n\t\t\t\n\t\t\t\n\t\t\t\n      </div>\n      <footer class=\"oj-web-applayout-footer\" role=\"contentinfo\">\n        <div class=\"oj-web-applayout-footer-item oj-web-applayout-max-width\">\n          <ul>\n            <li><a id=\"aboutOracle\" href=\"http://www.oracle.com/us/corporate/index.html#menu-about\">\n\t\t About Oracle\n\t\t</a>\n\t    </li>\n            <li><a id=\"contactUs\" href=\"http://www.oracle.com/us/corporate/contact/index.html\">\n\t\t Contact Us\n\t\t</a>\n\t    </li>\n            <li><a id=\"legalNotices\" href=\"http://www.oracle.com/us/legal/index.html\">\n\t\t Legal Notices\n\t\t</a>\n\t    </li>\n            <li><a id=\"termsOfUse\" href=\"http://www.oracle.com/us/legal/terms/index.html\">\n\t\t Terms Of Use\n\t\t</a>\n\t    </li>\n            <li><a id=\"yourPrivacyRights\" href=\"http://www.oracle.com/us/legal/privacy/index.html\">\n\t\t Your Privacy Rights\n\t\t</a>\n\t    </li>\n          </ul>\n        </div>\n        <div class=\"oj-web-applayout-footer-item oj-web-applayout-max-width oj-text-secondary-color oj-text-sm\">\n          Copyright © 2014, 2018 Oracle and/or its affiliates All rights reserved.\n        </div>\n      </footer>\n    </div>\n    <script>\n       function noReason() {\n\t\tif(document.getElementById(\"reasons\").children[1] !== undefined) {\n\t\t\tdocument.getElementById(\"reasons\").removeChild(document.getElementById(\"reasons\").children[0]);\n\t\t}\n\t\telse if(document.getElementById(\"reasons\").children[0].children[0] === undefined){\n\t\t\tdocument.getElementById(\"reasons\").remove();\n\t\t}\n       }\n       \n       noReason();\n    </script>\n</body>\n\n</html>\n"

              },

              "redirectURL": "",

              "headersSize": 925,

              "bodySize": 13294,

              "_transferSize": 14219

            },

            "cache": {},

            "timings": {

              "blocked": 72.22399999791197,

              "dns": 0.03100000000000591,

              "ssl": 269.488,

              "connect": 429.521,

              "send": 0.4230000000000018,

              "wait": 258.498999997098,

              "receive": 202.03799998853356,

              "_blocked_queueing": 2.357999997911975,

              "_blocked_proxy": 56.608

            },

            "serverIPAddress": "34.96.1.244",

            "_initiator": {

              "type": "other"

            },

            "_priority": "VeryHigh",

            "_resourceType": "document",

            "connection": "1060",

            "pageref": "page_1"

          }

        ]

      }

    }

  • Mary Bagir
    Mary Bagir Member Posts: 148 Blue Ribbon
    edited Apr 7, 2020 11:23AM

    Hi Jeff,

    I added

    <entry key="security.forceHTTPS">true</entry>

    no errors on Google chrome

    Thanks mary

    Mary BagirthatJeffSmith-Oracleuser8981078omerfarukaltuntas
  • thatJeffSmith-Oracle
    thatJeffSmith-Oracle Distinguished Product Manager Posts: 8,682 Employee
    edited Apr 7, 2020 11:56AM
  • Jaco P.
    Jaco P. Member Posts: 54 Blue Ribbon
    edited May 5, 2022 1:11PM

    If it helps somebody (just found it after searching for the solution for a problem similar to OP):

    Doc ID 2139195.1: "Beginning with ORDS 20.4, a new parameter has been introduced to allow cross-origin calls to its PL/SQL gateway.

    <entry key="security.externalSessionTrustedOrigins">http://example.com, https://example.com:8443</entry>

    "

    Did the trick for me.. (also does not force APEX to be access only via HTTPS - valuable for debugging via backdoor HTTP access)

    Mary Bagir