question

RobinTan-2402 avatar image
0 Votes"
RobinTan-2402 asked RobinTan-2402 commented

Azure Storage GET not working with url shortner (CORS set to all domain *)

I'm using a url shortner (custom hosted yourls) to redirect to a html page on azure blob storage. It works on a browser but when I do a GET without headers (I need this), it gives me an error.

I have set on CORS on azure storage to allow everything already

119117-image.png



I tested with test-cors.org and it gives me

 Sending GET request to https://yourls.com/testurl
    
 Fired XHR event: loadstart
 Fired XHR event: readystatechange
 Fired XHR event: error
azure-blob-storage
image.png (48.2 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

timleyden-msft avatar image
0 Votes"
timleyden-msft answered RobinTan-2402 commented

Given that it works with tinyurl and not your custom service I would focus on what is difference between these two services. When i test with test-cors and tinyurl I can see a cors http header in the response: access-control-allow-origin: http://test-cors.org. Your storage account config looks as permissive as it can get and if that tests okay from test-cors when you use the storage url directly i would be looking elsewhere.

Tim

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks, I'm reported the issue to yourls too.

https://github.com/YOURLS/YOURLS/discussions/3011

Just to confirm it's not an issue with Azure storage configuration (I know allow * is not good, I've to make sure it works first)

0 Votes 0 ·
deherman-MSFT avatar image
0 Votes"
deherman-MSFT answered deherman-MSFT published

@RobinTan-2402

I just tested this using tinyurl and did not have any issues making a GET request to the tinyurl. I suspect this might be an issue specific to the URL shortener you are using. I recommend testing with some common URL shorteners to see if you are still facing issue. If it is specific to this URL shortener I recommend investigating and perhaps opening up an issue on their GitHub page.

Hope this helps. Let me know if you have further questions or issues and I will be happy to assist.



Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RobinTan-2402 avatar image
0 Votes"
RobinTan-2402 answered RobinTan-2402 commented

Hi Deherman, you are correct. It does work on tinyurl, but not yourls. Anyway on the azure storage side to diagnose it (see header request etc?). I could switch shortner but I like to know to diagnose, if possible.

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @RobinTan-2402
Its likely that the browser is not allowing the request to continue because its enforcing cors on your short url service. If you look at the headers set by a service like tinyurl you can see it adds a cors header in the response for the referrer e.g access-control-allow-origin: http://test-cors.org
. The first thing I would check is that your custom service is doing the same. There maybe some configuration or a plugin you need to add to enable this.
You can enable more logging on the storage account by using a diagnostic setting or enabling the classic logs. This will give you detailed information about failed and successful requests. monitor-blob-storage


0 Votes 0 ·

Thanks , but I have put Allowed Origin * on CORS tab , shold that mean it should be allowed and don't need the header, no?

0 Votes 0 ·

the initial request is going to your url shortening service not to the storage account. Can you confirm you have enabled cors on the url shortening service? This would explain why it works for tinurl and not your custom service. Use the network tab in your browser developer tools to validate the request is actually getting sent to the storage account. If cors isn't the issue and you can see the browser making the request correlate the request with the diagnostic logs i mentioned earlier to see if you can get more information.
Thanks
Tim

0 Votes 0 ·
Show more comments