Search code examples
angularfiddlerasp.net-core-2.2abp-framework

Empty Trunk Character caused Connection Close and Chrome logged CORS error in browser

Our front-end is Angular and Backend is .Net Core 2.2. I experienced intermittent CORS error (or might be some other issue) when calling from front-end to backend.

When we call backend API in Chrome, Chrome sometimes throws error in the console "...has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.", causing webpag not loading. When error happens, there is no response content and no response header. And the issue could happen when I disable cache (with header or chrome's devtool) and disable CORS (with Chrome Extension).

I guess browser is not able to parse the response body, So I used fiddler to track the response:

Initially I only got Empty Trunk "30 0D 0A 0D 0A" and Fiddler received 500 error. At the same time, Chrome throws CROS error and webpage doesn't load.

Response size is 0

Initial Error Header - Closed Connection

Illegal Empty Trunk Body 30 0D 0A 0D 0A

And if I wait for 30 seconds to 1 minute, the Fiddler record changed from 500 (failure) to 200 (successful):

Chunked Transfer-Encoding

Good Headers

Good Sample Body

It made me think it might be an issue with chunked Transfer-Encoding (as shown in the third picture), so I tried to disable chunked encoding via assigning Response header the ContentLength. But issue still persists.

Kind of desperate on this error. Any insight/suggestion would be really appreciated!

Solution

  • All right. Seems root cause "detected" -- Our company synchronizes user folders to virtual drive automatically, like Pictures/Documents/Temp Folders are all synced to virtual drive. That function ensures no data loss and easier workstation replacement, but we're experiencing a lot of delay when trying to do copy/paste or open any user folder. So once I went to airplane mode or only hit F5 rather than Ctrl+F5, I don't experience the intermittent CORS issue any more. I guess Chrome thinks it's CORS issue perhaps because the response is injected by this 'proxy' layer.

    If anyone has done following things:

    1. Followed exactly correct CORS setup at server side. And CORS logging are all successful. For example: Preflight returns 204; WebDavModule has been disabled so that PUT and DELETE are not prevented; Origin is included in the list of CORS origin list; There is 'Vary: Origin' Response Header.
    2. Tried to disable Chunked Transfer Encoding for Server Responses by setting correct response length in the header.
    3. Tried to disable cache or set up Cache-Control to be 'no-cache' in the response header.
    4. Fiddler's response is able to change from 500 to 200 and receive full response after some waiting period.
    5. Unchecked the automatic detect configuration in "LAN Setting" in Connections tab (Internet Configuration).
    6. Set hostingmode to be 'Inprocess' in web.config.

    Please check if your company has similar synchronization set up...