Blocked by CORS policy

Hello Team
We are using Nexus 3. From bitbucket cloud, we are trying to connect to nexus repository hosted on-prem through webSEAL URL accessible from internet.

We are unable to login to nexus when accessing it through webSEAL with 403 error and receiving this error Access to XMLHttpRequest at ‘https://Onpremnexus.com/service/rapture/session’ from origin ‘https://webseal/nexus’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

The above doesn’t log in request.log file.

While accessing internally, we have no issues with login.

Workflow from internet:
Application/user-> webSEAL → Apache 2 Proxy → Backend nexus application

Workflow internally:
Application/user → Apache 2 Proxy → Backend nexus application

Kindly help me in resolving the issue.

Thanks in advance!!

This doesn’t seem like a Nexus issue.

Hello @mpiggott

Just to elaborate more on my issue for better understanding:
When connecting to Nexus via reverse Proxy (webSEAL) and trying to Sign-In, the Web-Client is forced to connect directly with the backend instead of going via the Proxy.

This request is blocked by the CORS policy, as the backend does not support cross-domain requests (“No ‘Access-Control-Allow-Origin’ header is present on the requested resource.”).

CORS is irrelevant though, because we want to assure that every request to Nexus will be sent via the Proxy and not directly. What needs to be done to support it?

image (1)1920×607 71 KB

Thanks and Regards
Ramya

Attaching another screenshot since I was not able to attach 2 images in previous comment.

image (2)1280×283 60.5 KB

Hello Team,

Could you please help with the above issue.

Thanks in advance !!