Is there an existing issue for this?
CefSharp Version
120.1.80
Operating System
Windows 11
Architecture
x64
.Net Version
.NET 4.8
Implementation
WinForms
Reproduction Steps
Program.cs
[STAThread] public static void Main() { CefSettings settings = new CefSettings(); // settings.CefCommandLineArgs.Add("disable-web-security", "true"); Cef.Initialize(settings, performDependencyCheck: true, browserProcessHandler: null); Console.WriteLine($"Initialized settings: {Cef.IsInitialized}"); Application.EnableVisualStyles(); Application.SetCompatibleTextRenderingDefault(false); Application.Run(new Form1()); }
Form1.Designer.cs
private void InitializeComponent() { this.components = new System.ComponentModel.Container(); this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; this.ClientSize = new System.Drawing.Size(1920, 1080); this.Text = "Form1"; try { var browser = new ChromiumWebBrowser("www.google.com"); Controls.Add(browser); browser.LoadUrl("https://bla.blob.com/DeliveryUI/htmldelivery/?keycode=5XRRXMGY"); } catch (Exception e) { Console.WriteLine(JsonConvert.SerializeObject(e)); } }
Expected behavior
Content loads in the WinForms
Actual behavior
Content fails to load in the Winforms APP and shows this message:
Access to XMLHttpRequest at 'https://bla.ashx') from origin 'https://bla.bla.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.", source: https://bla.blob.com/DeliveryUI/htmldelivery/?keycode=5XRRXMGY (0)
Regression?
Yes, this works in CEF Version 119.4.30. I am able to make it work in CEF Version 120+ by adding this arg: settings.CefCommandLineArgs.Add("disable-web-security", "true"), but as it is not needed in 119 and only needed in 120 above, i would rather fix the underlying issue causing the error.
Known Workarounds
settings.CefCommandLineArgs.Add("disable-web-security", "true");
Adding this into the CEFSettings lets the content load
Does this problem also occur in the CEF Sample Application
Yes using WPF/OffScreen command line args
Other information
No response
Is there an existing issue for this?
CefSharp Version
120.1.80
Operating System
Windows 11
Architecture
x64
.Net Version
.NET 4.8
Implementation
WinForms
Reproduction Steps
Program.cs
[STAThread] public static void Main() { CefSettings settings = new CefSettings(); // settings.CefCommandLineArgs.Add("disable-web-security", "true"); Cef.Initialize(settings, performDependencyCheck: true, browserProcessHandler: null); Console.WriteLine($"Initialized settings: {Cef.IsInitialized}"); Application.EnableVisualStyles(); Application.SetCompatibleTextRenderingDefault(false); Application.Run(new Form1()); }Form1.Designer.cs
private void InitializeComponent() { this.components = new System.ComponentModel.Container(); this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; this.ClientSize = new System.Drawing.Size(1920, 1080); this.Text = "Form1"; try { var browser = new ChromiumWebBrowser("www.google.com"); Controls.Add(browser); browser.LoadUrl("https://bla.blob.com/DeliveryUI/htmldelivery/?keycode=5XRRXMGY"); } catch (Exception e) { Console.WriteLine(JsonConvert.SerializeObject(e)); } }Expected behavior
Content loads in the WinForms
Actual behavior
Content fails to load in the Winforms APP and shows this message:
Access to XMLHttpRequest at 'https://bla.ashx') from origin 'https://bla.bla.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.", source: https://bla.blob.com/DeliveryUI/htmldelivery/?keycode=5XRRXMGY (0)
Regression?
Yes, this works in CEF Version 119.4.30. I am able to make it work in CEF Version 120+ by adding this arg: settings.CefCommandLineArgs.Add("disable-web-security", "true"), but as it is not needed in 119 and only needed in 120 above, i would rather fix the underlying issue causing the error.
Known Workarounds
settings.CefCommandLineArgs.Add("disable-web-security", "true");
Adding this into the CEFSettings lets the content load
Does this problem also occur in the CEF Sample Application
Yes using WPF/OffScreen command line args
Other information
No response