Troubleshooting

Card Fails to Load Data Due to CORS Issues

Description: Card, embedded in your hosting environment fails to load data, due to CORS error.

Root Cause: If the card uses a remote URL, such as the publicly available Northwind OData service, the browser may refuse to connect to it. Due to the same-origin policy, browsers deny AJAX requests to service endpoints in case the service endpoint has a different domain/subdomain, protocol, or port than the app.

Resolution: In this case the card should not request the data service directly, but should use destination instead.

1. Configure a destination in the card manifest (see card destinations)
2. Make sure that the host environment resolves the destination correctly (see resolving destinations) or that you have a defaultUrl in the manifest which works in your testing environment
3. Check the request made (for example using the browser's Network tab) and ensure it is requesting the correct resource

Useful Links:

• Request Fails Due to Same-Origin Policy (Cross-Origin Resource Sharing - CORS)
• Sample how to test a card in cloud platform application

WebPage Card Fails to Load

Description: The content of a WebPage card doesn't show up. Instead, there is an error message, saying that the origin you have pointed to refused to connect.

Root Cause: The src of the WebPage card is subject to the same-origin policy, which means that cross-origin request are restricted, in order to prevent security vulnerabilities.

Resolution: In case it does not violate security policies, the server can enable Cross-Origin Resource Sharing for the origin where the card resides.

• Same-origin policy
• CSP