http requests got blocked by CORS policy

Showing results for 
Search instead for 
Did you mean: 
Active Member II

http requests got blocked by CORS policy

I'm trying to make a get request from ADF to Alfresco comunity 7.0. Here is the code:

export class MydatatableComponent implements OnInit {

  constructor() {
    const alfrescoApi = new AlfrescoApi({
      hostEcm: 'http://localhost:8080'
    const peopleApi = new PeopleApi(alfrescoApi);

    const opts = { 
      'skipCount': 56, /*  | The number of entities that exist in the collection before those included in this list.
    If not supplied then the default value is 0.
      'maxItems': 56 
    peopleApi.listPeople().then((data) => {
      console.log('API called successfully. Returned data: ' + data);
    }, function(error) {

and here is the error I get from the console:

Access to XMLHttpRequest at 'http://localhost:8080/alfresco/api/-default-/public/alfresco/versions/1/people' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

and this my proxy.conf.js

module.exports = {
  "/alfresco/*": {
    "target": "http://localhost:8080",
    "secure": false,
    "changeOrigin": true

I did download enablecors-1.0 and copied it to modules/platform but it didn't work.

What is the problem and how I can fixit?

PS: I also tried to use apiService.getInstance().webScript.executeWebScript

and it didn't work.

Thank you in advance

4 Replies
Alfresco Employee

Re: http requests got blocked by CORS policy

Try using this setting in Alfresco Repository:


You may add this property to

Hyland Developer Evangelist
Active Member II

Re: http requests got blocked by CORS policy

I did add csrf.filter.enabled=false to my and got the same error




Re: http requests got blocked by CORS policy

Some additional info can be found here:


(ACSCE, AWS SAA, Azure Admin)

Re: http requests got blocked by CORS policy

You proxy target needs to point to a remote ACS. So that your app calls localhost that is redirected by proxy. In your example, your proxy is having incorrect target and points to self