Enable CORS in ApplicationServices.cs situation

I have just spent several days to solve the problem I had with custom external authentication mechanism. Everything worked fine with Internet Explorer and Edge but for Chrome, Firefox or Opera the response from the authentication server was never processed.
After few days, with multiple breakpoints inspection, I have realized that the problem was in one method called EnableCors which was always set to return false. When I turn it to true, everything is doing well. That is for the TouchUi, aspx version of the project.
But, for the SPA version, COT makes this already return true! Can somebody explain why is this the case?
2 people have
this question
  • Touch UI apps allow cross domain requests coming from the web views/browsers that were not loaded from the same domain as the app.

    This makes possible using Touch UI application as a back-end for a custom web and mobile apps.

    We have enabled CORS by default to support the initial implementation of Cloud on Time platform. HTML page implementation is required for Cloud On Time. That is the reason why CORS is enabled by default in Touch UI apps with HTML page implementation.

    The current implementation of Cloud On Time executes direct native calls to the server back-end. We do not rely on the Web Browser / Web View to complete the call. CORS can be disabled. A handful of customers do have custom apps on top of applications created with Code on Time. That's the reason we have left the "true" state for CORS in Touch UI apps with HTML page model.
  • (some HTML allowed)
    How does this make you feel?
    Add Image

    e.g. kidding, amused, unsure, silly happy, confident, thankful, excited indifferent, undecided, unconcerned sad, anxious, confused, frustrated