| description |
|---|
CORS restricts access to resources on different domains to ensure privacy and security, allowing website owners to control access. As xApps run inside Xumm, allowing CORS is required for xApps. |
If an xApp integration doesn't allow for running commands, and the console shows messages like "Couldn't connect to host", problems are a result of the same cause: CORS issues.
- The SDK can't reach Xumm (the app), so:
- "Could not contact Xumm host" error appears, and:
- For example: the
openSignRequesttrigger doesn't fire, the Sign Request doesn't open, and: - Xumm keeps on trying, and is stalling the init. to see if the host can be reached - yielding "Attempt n » Retry" console messages (just to make sure it isn't a timing issue).
Check the following things:
- Are you getting this messages from your frontend console, or backend (node?)
- Do you have CORS setup correctly? (Allow iframe loading, allow CORS (origin:
*) - Does your app run over http (instead of https with a valid certificate?)
- Does your app run over https on a non standard (non TCP 443) port?
- Some web server configurations don't allow CORS to work on a subdomain. Try running on a FQDN
While #3 and #4 should be valid, we've seen some Android phones where this prevented the integration from working. We use ngrok to work around the local http and non standard port development issues.
\