Cisco AnyConnect VPN Client May Block CORS AJAX OPTIONS Requests
For the last few months, I've needed to connect to a remote desktop session using a VPN (Virtual Private Network) client. The one that I was told to use was Cisco's AnyConnect VPN. This works well; but, a few weeks ago, I noticed that all of my CORS (Cross-Origin Resource Sharing) preflight "OPTIONS" requests were failing. Both Firefox and Chrome simply stated that the request was "Aborted"; cURL (curl) reported that the server returned an empty response. After much digging, I discovered that the cause of this CORS failure was the Cisco AnyConnect VPN.
Whenever I made my CORS preflight OPTIONS request, I noticed a number of items showing up in my iMac's console (console.app). All of the items were associated with the process, "acwebsecagent". After much Twitter venting, and some Googling, I came across this Apple Support forum thread, which indicated that the "acwebsecagent" process may be associated with the Cisco AnyConnect VPN.
So, this morning, I uninstalled the Cisco AnyConnect VPN and tried my CORS preflight OPTIONS requests. And, lo and behold, it worked! It was the VPN that was blocking and aborting the CORS AJAX requests.
Once I had narrowed down the culprit, I then reinstalled the Cisco AnyConnect VPN client; but, this time, I made sure not to install the "Web Security" module:
Now, I have the Cisco AnyConnect VPN installed and my CORS preflight OPTIONS requests are still working. Frustrating, but glad to have it solved!
Confirm.I have the same problem and it works for me. Thanks a lot!!
Oh that's awesome to hear!
Thank you so much! This was affecting me for a couple of days now. I had to work my way down the google search results until I finally got to this link. You're a life saver.
Great blog BTW. I too develop SPA apps and have been on AngularJS for about a year. Your posts have helped me out from time to time in the past. Keep up the good work!
Glad I could help! This was driving me nuts! Hopefully I'll get some more AngularJS posts outer there. Been slow (too much work) lately.
I am not sure I understand what you're talking about with BitCoin. Do people have to pay for VPN? That seems odd.
That is 4 hours of my life I will not get back. Seriously thank you for posting this!
@Jazmine is spamming
Ben, I spent 2.5 days trying to figure this out. At one point I hit the end of the internet and had to turn around and go back. Stumbled upon this post.
This solved my problem!!! Thank you very much for this post!!!
Worked for me as well, though you might want to add that it 'only' blocks OPTIONS requests over ports 80 and 8080. To be sure, secure requests were fine.
I just wasted many hours of my time trying to figure out why in the world I couldn't get any OPTIONS requests to the api I'm working on to work....
This solved my problem.
Thank you so much from the bottom of my heart
Glad this is still helping people :D
OMG. I wish I found your article a year ago. Today, I tried to get to the bottom of it and found your post. I was on the verge of reinstalling my Mac. Thanks Ben! I'd like to buy you a beer or ten.
Any other solution without uninstalling Anyconnects' websecure
Wow, thats for the instant headache relief!
Ha ha, glad this is still helping people :D
Clients aside, for those unfamiliar, running your own server using OpenVPN and a cheap fast cloud/vps host like vultr, digitalocean.com, etc. is fairly straighforward in setup to build from scratch or Linux packages managers. And a good excuse to polish your secure networking knowledge, things are changing fast.
I did as a learning experiment 2 years ago, and I still the same instance today. Back then most OS's claimed no support, despite that installed clients on chromeos, rooted android 2.3 LGPrime, ipod/ios, windows vista, ubuntu 12+. It can only be a cinch now.
Travelling abroad? saved my friggin life, and had my back on a Stones presale I would've lost.
you save me!! thx!