Error received: error: xhr’get’to URL cross domain [How to Solve]

1. Problems encountered

There was a problem when the browser made a request to access another path:

Error received: Error: XHR 'GET' to URL 'https://widevine.eurofins-digitaltesting.com/cert-required/api/Ik0wR1ZCRUNDTkYi.YRMy4w.kgjp1ExZh2r1lcQezAm5HAfZq3J8vXQTBW-Bhdq-K5Y/cert-details'returned status HTTP 0

Knowledge points: for communication between different domains, when encountering complex requests, the client will not send the real request header first, but send the view request to check whether the two sides can communicate. If the verification is successful, send the real request, and the two sides shake hands three times to establish a connection before communication. Therefore, the server and the client have two connections. The first connection is authentication, and the second connection is to send a request to start communication.

Analysis 1: the return value 0 does not exist in the HTTP status code. The reason for the occurrence of HTTP 0 may indicate that the response is empty (or even there is no return header). Means that the connection has been accepted and then closed normally (TCP fin)

Preliminary conclusion: when sending the view request for the first time, the verification fails and returns 0.

① The reason for the verification failure may be that the client does not have a certificate, resulting in no permission to communicate;

② Possibly CORS, unable to communicate between different domains.

Verification ① 1: report bug #3724 in a3sa defect management system and obtain the certificate required for the test. Convert the certificate into the format required by the TV through OpenSSL and build it into the corresponding directory. The test still fails and the verification fails

Verification ① II: the certificate may be used incorrectly. You may need a built-in certificate to enable the browser to parse the request and conduct two-way verification of the certificate. Certificate two-way verification. If anyone is interested, you can comment and sort it out in my post blog

Verification ②: after compiling the built-in certificate, the test still fails. Viewing the log is indeed a CORS problem.

2. Solution

Add a header to the server-side configuration file:

"Access-Control-Allow-Origin"=>"xxxxx Your Link",

"Access-Control-Allow-Credentials"=>"true"


Read More: