How to fix CORS issue on Azure VM when running an app on IIS?
We've set up a clean Azure virtual machine so we can run our application on IIS.
The reason we did so is to secure our application using Shibboleth daemon and our IP, SI-PASS (sicas).
When a protected resource is accessed by the user, the daemon automatically intercepts the request and redirects to the IP's endpoint.
The error we're running into is CORS (obscured details for company reasons):
"Access to XMLHttpRequest at 'https://sicas-test.sigov.si/idp/profile/SAML2/Redirect/SSO?SAMLRequest=[...]' (redirected from 'https://test.[...]') from origin 'https://test.[...]' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."
We've tried just about everything and cannot seem to work around this issue:
- Setting custom headers for access control
- Using IIS CORS module and the