79326289

Date: 2025-01-03 11:22:18
Score: 0.5
Natty:
Report link

For anyone who might be interested, I'm going to explain in detail the solution to the problem that I have finally confirmed.

This is the cause I indicated in my question. The header access-control-allow-origin that the server returns in the callback may or may not exist. If it exists, its purpose is to tell the browser whether or not to block access to the requested resources. If the header value allows it, no error will occur when trying to use the requested resources in our code (in my case, these are files located in Google Drive and that were generated with the Google Classroom platform).

To find out the values ​​that the header access-control-allow-origin can have, you can consult the following URL (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin

When the header access-control-allow-origin value is the URL of the origin that makes the call (in my case https://localhost:50656) then no error occurs.

If you navigate to a page other than the one that received the response with the authorization and from there you request access to the server's resources, then the header access-control-allow-origin does not exist in the server response, and as a consequence, you will not be able to access the server's resources because the browser will prevent it.

The entire mechanism that regulates this access control is Cross-Origin Resource Sharing (CORS). Help can be found at the following URL (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

For my problem, the solution has been to make the calls to access the resources from the same page that received the response. Although it seems simple and logical, it has not been easy for me to find the solution because the behavior of my website (ASP.NET) when receiving the response from the server was unexpected for me.

I discovered that the response was always directed to the Default.aspx page even if the request was made from another page. Knowing this, I placed the response processing code on that Default.aspx page. Later, I noticed that if I navigated to another page and sent the authorization token to the server from there, the error with status code 404 occurred due to the missing access-control-allow-origin receiving the response from the server. The next step was to apply the solution I described above.

Reasons:
  • Long answer (-1):
  • No code block (0.5):
  • Self-answer (0.5):
  • Low reputation (0.5):
Posted by: Manuel Cera Vera