X-use-polaris header blocked by CORS policy Amazon Connect Chat

Go to solution
GillesDeLeus
Tera Contributor

‎03-15-2023 09:29 AM

Hi,

 

Can anyone tell me how I can remove the X-use-Polaris header from the requests that ServiceNow sends?

I was working on integrating Amazon Connect Chat widget in my ServiceNow Service portal but ran into a CORS issue when upgrading to Utah.

ServiceNow sends a request to AWS Connect API with the request header "X-Use-Polaris": false. This request header is not allowed by AWS, and I get an error message that a CORS policy has blocked the request. (see request.png and 
error message.png)

I solved this issue by deploying a custom API gateway and allowing the header, but I quickly ran into another issue caused by the X-Use-Polaris header.
After calling the API, the widget tries to send a request to the Amazon Connect participant service once again. This service doesn't allow the X-use-Polaris header and thus results in an error caused by CORS policy (see participant error.png).


I contacted the AWS support team to see if they could solve the issue. They told me that it is not possible for me to customize the allowed headers for the participant service and they won't allow the headers themselves.
They told me that the only way to make the Chat functionality work again is to remove the X-Use-Polaris header from the requests ServiceNow sends.

I have tried to modify the headers that are being sent and was able to add or edit the request headers, but removing the X-Use-Polaris header seems impossible.

Thanks in advance and kind regards

Gilles

Preview file
45 KB
Preview file
17 KB
Preview file
20 KB
0 Helpfuls
  • 1,544 Views
1 ACCEPTED SOLUTION

Go to solution
Vladislav1
Tera Expert
In response to GillesDeLeus

‎03-26-2023 11:37 PM - edited ‎03-28-2023 01:43 AM

Hi @GillesDeLeus,

Good news!

It seems they solved it in Utah Patch 1. So just update your instance. 

They moved that line in the conditional block. Which evaluates to false. For now.

Just one wrong placed line can cause so much headaches and wasted time for so many people. I think they enjoy it.

 

 

 

 

(function(send) {
    if (typeof (NOW.portal_url_suffix) !== 'string' || NOW.portal_url_suffix.trim() === '') {
        return;
    }
    var interfaceEnv = 'Web';
    var interfaceType = 'Service Portal';
    if (isMobile()) {
        interfaceEnv = 'Mobile';
        interfaceType = 'Mobile-Web';
    }
    var headerValue = 'Interface=' + interfaceEnv + ',Interface-Name=' + NOW.portal_url_suffix.toUpperCase() + ',Interface-Type=' + interfaceType + ',Interface-SysID=' + NOW.portal_id;
    var loc = window.location;
    var anchor = document.createElement('a');
    var hasPolarisSupport = (''.indexOf(NOW.portal_id) != -1).toString();
    XMLHttpRequest.prototype.send = function(data) {
        anchor.href = this._url;
        if (anchor.hostname === loc.hostname && anchor.port === loc.port && anchor.protocol === loc.protocol) {
            this.setRequestHeader('X-Transaction-Source', headerValue);
            this.setRequestHeader('X-Use-Polaris', hasPolarisSupport);
        }
        send.call(this, data);
    }
}
)(XMLHttpRequest.prototype.send);

 

 

 

 

 

  

View solution in original post

5 REPLIES 5

Go to solution
Vladislav1
Tera Expert
In response to GillesDeLeus

‎03-26-2023 11:37 PM - edited ‎03-28-2023 01:43 AM

Hi @GillesDeLeus,

Good news!

It seems they solved it in Utah Patch 1. So just update your instance. 

They moved that line in the conditional block. Which evaluates to false. For now.

Just one wrong placed line can cause so much headaches and wasted time for so many people. I think they enjoy it.

 

 

 

 

(function(send) {
    if (typeof (NOW.portal_url_suffix) !== 'string' || NOW.portal_url_suffix.trim() === '') {
        return;
    }
    var interfaceEnv = 'Web';
    var interfaceType = 'Service Portal';
    if (isMobile()) {
        interfaceEnv = 'Mobile';
        interfaceType = 'Mobile-Web';
    }
    var headerValue = 'Interface=' + interfaceEnv + ',Interface-Name=' + NOW.portal_url_suffix.toUpperCase() + ',Interface-Type=' + interfaceType + ',Interface-SysID=' + NOW.portal_id;
    var loc = window.location;
    var anchor = document.createElement('a');
    var hasPolarisSupport = (''.indexOf(NOW.portal_id) != -1).toString();
    XMLHttpRequest.prototype.send = function(data) {
        anchor.href = this._url;
        if (anchor.hostname === loc.hostname && anchor.port === loc.port && anchor.protocol === loc.protocol) {
            this.setRequestHeader('X-Transaction-Source', headerValue);
            this.setRequestHeader('X-Use-Polaris', hasPolarisSupport);
        }
        send.call(this, data);
    }
}
)(XMLHttpRequest.prototype.send);