0048402: Private network access preflight CORS header for the Hardware Manager

Openbravo Issue Tracking System - Retail Modules
View Issue Details

ID	Project	Category	View Status	Date Submitted	Last Update
0048402	Retail Modules	Web POS Hardware Manager	public	2022-01-14 09:15	2022-03-17 16:46

Reporter	adrianromero
Assigned To	yogaskarnik
Priority	normal	Severity	major	Reproducibility	have not tried
Status	scheduled	Resolution	open
Platform		OS	5	OS Version
Product Version
Target Version		Fixed in Version
Merge Request Status	open
Review Assigned To
OBNetwork customer	No
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency Pack	No

Summary	0048402: Private network access preflight CORS header for the Hardware Manager
Description	Due to a new Chrome security policy, the hardware manager must add a new header in its CORS preflight responses allowing private network access. New Chrome policy https://developer.chrome.com/blog/private-network-access-preflight/ [^] This header is the following: Access-Control-Allow-Private-Network: true Note: as a good practice the hardware manager should not allow all origins as valid callers: Access-Control-Allow-Origin: * And prevent this configuring it can be invoked only from Openbravo.
Steps To Reproduce	N/A
Proposed Solution
Additional Information
Tags	No tags attached.
Relationships
Attached Files

Issue History
Date Modified	Username	Field	Change
2022-01-14 09:15	adrianromero	New Issue
2022-01-14 09:15	adrianromero	Assigned To	=> adrianromero
2022-01-14 09:15	adrianromero	OBNetwork customer	=> No
2022-01-14 09:15	adrianromero	Triggers an Emergency Pack	=> No
2022-03-09 09:38	adrianromero	Assigned To	adrianromero => yogaskarnik
2022-03-09 09:38	adrianromero	Status	new => acknowledged
2022-03-14 14:05	adrianromero	Status	acknowledged => scheduled
2022-03-17 16:46	hgbot	Merge Request Status	=> open
2022-03-17 16:46	hgbot	Note Added: 0135812

Notes