We are facing CORS(with Cross Domain Requests) issue. We have implemented the required headers to enable CORS on our server and it works well on any regular network but it fails when the client(browser) is behind a proxy agent/server. An example would be IWSS agent used by KPMG. When we try to make Cross origin requests in that netowrk, despite of appropriate headers we get the following error: "No Access Control Allow Origin header is present"
I would like to add that our api is not hosted on a domain yet. We make a call to an AWS provided public IP and at port 1337 (not 80). Could these possibly be the issue?
Also we're not using SSL, so it is not on https. Could that be the issue?
Apart from this let me know if any more details are required?
Okay, so we finally solved the issue. This was solved by hosting the api to a domain rather then just accessing it by the public IP of the ec2 instance. I really don't understand why that should matter, but it did start working on almost all the company's networks (Airtel, Samsung and KPMG).
Could anyone throw some light on why this started working by hosting it on a domain (app.site.com)? So what we now have is our frontend dashboard is hosted on (dashboard.site.com) and our api is at (api.site.com) which earlier was just a public ip, it was not mapped to a domain.
But that shouldn't be a problem since still it is a CROSS domain request. So why did mapping it to a domain solve the issue?