For the last few months, I've needed to connect to a remote desktop session using a VPN (Virtual Private Network) client. The one that I was told to use was Cisco's AnyConnect VPN. This works well; but, a few weeks ago, I noticed that all of my CORS (Cross-Origin Resource Sharing) preflight "OPTIONS" requests were failing. Both Firefox and Chrome simply stated that the request was "Aborted"; cURL (curl) reported that the server returned an empty response. After much digging, I discovered that the cause of this CORS failure was the Cisco AnyConnect VPN.
Whenever I made my CORS preflight OPTIONS request, I noticed a number of items showing up in my iMac's console (console.app). All of the items were associated with the process, "acwebsecagent". After much Twitter venting, and some Googling, I came across this Apple Support forum thread, which indicated that the "acwebsecagent" process may be associated with the Cisco AnyConnect VPN.
So, this morning, I uninstalled the Cisco AnyConnect VPN and tried my CORS preflight OPTIONS requests. And, lo and behold, it worked! It was the VPN that was blocking and aborting the CORS AJAX requests.
Once I had narrowed down the culprit, I then reinstalled the Cisco AnyConnect VPN client; but, this time, I made sure not to install the "Web Security" module:
| || || |
| || |
| || || |
Now, I have the Cisco AnyConnect VPN installed and my CORS preflight OPTIONS requests are still working. Frustrating, but glad to have it solved!
Looking For A New Job?
- Senior .NET Software Developer with API Experience at Marketing Holdings
- ColdFusion & AngularJS Web Developer for rapidly growing startup - at Intuvo
- Senior Coldfusion Web Developer (UK - Kent) at EPG Health Media
- Web Developer at Bridge Catalog
- ColdFusion Developer at Company Confidential
Confirm.I have the same problem and it works for me. Thanks a lot!!
Oh that's awesome to hear!
Thank you so much! This was affecting me for a couple of days now. I had to work my way down the google search results until I finally got to this link. You're a life saver.
Great blog BTW. I too develop SPA apps and have been on AngularJS for about a year. Your posts have helped me out from time to time in the past. Keep up the good work!
Glad I could help! This was driving me nuts! Hopefully I'll get some more AngularJS posts outer there. Been slow (too much work) lately.
If you're using a VPN for this sort of stuff, you'd be not be wise enough to use one which doesn't know your identity. I know of at least one where you can pay with Bitcoins and never give out your name. In my opinion, that's perfect! http://www.sunvpn.net/ Its very easy to use.Its very cheap.It's much better than proxy websites because it contains less amount of virus than proxy website. A VPN service will encrypt all your Internet traffic and redirect through a VPN server to its original intended destination. When connected to SunVPN we will bypass all local Internet restrictions, keep our browsing history private from our ISP or company and hide our actual location (IP address) from the websites you visit.
I am not sure I understand what you're talking about with BitCoin. Do people have to pay for VPN? That seems odd.
That is 4 hours of my life I will not get back. Seriously thank you for posting this!
@Jazmine is spamming
Ben, I spent 2.5 days trying to figure this out. At one point I hit the end of the internet and had to turn around and go back. Stumbled upon this post.
This solved my problem!!! Thank you very much for this post!!!
Worked for me as well, though you might want to add that it 'only' blocks OPTIONS requests over ports 80 and 8080. To be sure, secure requests were fine.
I just wasted many hours of my time trying to figure out why in the world I couldn't get any OPTIONS requests to the api I'm working on to work....
This solved my problem.