Search Unity

  1. Welcome to the Unity Forums! Please take the time to read our Code of Conduct to familiarize yourself with the forum rules and how to post constructively.
  2. Unite 2023 Registrations are now LIVE! We are thrilled to announce that Unite 2023 Registration is now live and open for all!
    Dismiss Notice
New Forum User Notice Unite 2023 Registrations are now LIVE!

WebRequest failed from http

Discussion in 'WebGL' started by arcentalminitte, Jun 2, 2020.

  1. arcentalminitte

    arcentalminitte

    Joined:
    Jun 3, 2018
    Posts:
    2
    I'm trying to use a UnityWebRequest for login at HTTPS link. So far it works for the editor, windows, and android. When I try on a WebGL build it fails and returns "Reason: CORS header ‘Access-Control-Allow-Origin’ missing". The WebGL build works from a HTTPS origin but not a HTTP origin.

    I did some research and it seems like I would have to change something on the webserver side. Is there a way to make it work from a HTTP origin from within unity without changing anything on the server side?

    Both origins are from the same place. (example links)
    https://website123.com/game
    http://website123.com/game
     
    Last edited: Jun 2, 2020
    arcentalminitte, Jun 2, 2020
    #1

  2. surits14

    surits14

    Joined:
    Jan 22, 2018
    Posts:
    22
    Were you able to resolve this issue?
     
    surits14, Sep 28, 2020
    #2

  3. jukka_j

    jukka_j

    Unity Technologies

    Joined:
    May 4, 2018
    Posts:
    944
    If your game code is hosted on http://website123.com/game, and it downloads any network resources from https://website123.com/game, the webserver that is hosting the https://website123.com/game resources *must* provide one of the HTTP response headers

    Access-Control-Allow-Origin: http://website123./com/

    or

    Access-Control-Allow-Origin: *

    in it, to tell the user's web browser that the site http://website123.com/game should be allowed to access https://website123.com/game.

    The protocol part factors into the domain name, so as far as a browser is concerned, "http://website123.com/" is a completely different domain than "https://website123.com/", even though their server name parts read out the same.
     
    jukka_j, Oct 6, 2020
    #3

  4. surits14

    surits14

    Joined:
    Jan 22, 2018
    Posts:
    22
    @jukka_j I am using Unity 2019.4.8f1.
    the domain path this WebGL build is located at is - https
    the request path is also - https

    So this is my code. Is it the correct way to add the header?
    Code (CSharp):
    1.  
    2.         UnityWebRequest request = UnityWebRequestTexture.GetTexture(path);
    3.         request.SetRequestHeader("Access-Control-Allow-Credentials", "true");
    4.         request.SetRequestHeader("Access-Control-Allow-Headers", "Accept, X-Access-Token, X-Application-Name, X-Request-Sent-Time");
    5.         request.SetRequestHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
    6.         request.SetRequestHeader("Access-Control-Allow-Origin", "*");
    7.         yield return request.SendWebRequest();
     
    surits14, Oct 7, 2020
    #4

  5. jukka_j

    jukka_j

    Unity Technologies

    Joined:
    May 4, 2018
    Posts:
    944
    No, unfortunately that is not correct. The "Access-Control-Allow-X" headers are HTTP Response headers (passed as a response to a request that has been initiated) and not HTTP Request headers. The above code specifies HTTP Request headers that will be sent out as part of the request to the server.

    To configure CORS, one has to configure the HTTP Response headers on the remote web server.
     
    jukka_j, Oct 7, 2020
    #5
    fuzzy3d and surits14 like this.

  6. Risine

    Risine

    Joined:
    Dec 10, 2009
    Posts:
    154
    How do we do that on your Unity Share WEBGL server?
     
    Risine, Apr 11, 2022
    #6