Fixing 401 Error for site.webmanifest File

  • Resolved delanet

    (@delanet)


    1 month, 4 weeks ago

    The site.webmanifest file is returning a 401 error on the server. This issue can be resolved by updating the <link> element to include the crossorigin="use-credentials" attribute.

    Example:
    original:?<link rel="manifest" href="/site.webmanifest">
    corrected:?<link rel="manifest" href="/site.webmanifest" crossorigin="use-credentials">

    Could you please make this change to prevent unnecessary errors in the console? Thank you.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author phbernard

    (@phbernard)

    Hi,

    Unfortunately, this is not possible. Adding crossorigin="use-credentials" has serious security implications, as the browser may now send authentication data to another web site. I’m not in favor of an option either (like “Enable crossorigin="use-credentials"“), because it is quite hard to understand and users could enable it without understanding the implications.

    May I ask you how you end up with this error? In your example, the web manifest is in the root of your site, but there is no issue in this situation, correct? Is your manifest hosted on another domain? If so, is there a reason why its access is restricted?

    Thread Starter delanet

    (@delanet)

    Ugh, you can forget about this. The site was restricted in the .htaccess file to only allow access from my own IP address, which apparently caused the issue. Now that the site is published, that error message in the console has disappeared.

    Plugin Author phbernard

    (@phbernard)

    Great! Thank you for letting me know.

    Best Regards,
    Philippe

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.