If you configure an additional third-party reverse-proxy server or load balancer in front of the Apache HTTP Server on your SAS Viya deployment, you might encounter issues in your SAS^® web applications. When these issues occur, the following error is displayed:

Symptoms

You might experience any combination of the following symptoms when you are affected by this issue:

• When you attempt to log on to a SAS web application in a Google Chrome browser by entering your credentials on the SAS Logon Manager page, Chrome returns a white page in your browser that just contains the text Invalid CORS request. 
• When you access SAS^® Visual Analytics and other SAS Viya web applications from Chrome, you might experience one or more of the following symptoms:
  • • The Visual Statistics and Visual Data Mining and Machine Learning headings are missing from the Objects pane in SAS Visual Analytics.
  
  
  • • The preview feature for viewing data does not load in the Import Data window in SAS Visual Analytics. 
  
  
  • • SAS Visual Analytics reports generic errors (example, An error was encountered contacting the server).

Problem Confirmation

To confirm that you are affected by the specific problem that is described in this note (and that you should follow the resolution steps below), the following must be true: 

• You have an additional third-party reverse-proxy server or load balancer in front of the Apache HTTP Server on your SAS Viya environment.

• The symptoms do NOT occur if you use Microsoft Internet Explorer instead of Chrome.

• The symptoms do NOT occur if you access your SAS web applications by using the internal URL. That is, you use the URL of the Apache HTTP Server on your SAS Viya deployment rather than the URL of your third-party, reverse-proxy server or load balancer.

• If you run a network trace from your browser and re-create the issue, one (or more) requests result in an HTTP 403 response code with the message Invalid CORS request.

If you need assistance with confirming that you are experiencing this specific issue, contact SAS Technical Support. 

Problem Resolution 

To resolve this issue, add the setting sas.commons.web.security.cors.allowedOrigins by using these steps: 

1. Log on to SAS^® Environment Manager with an administrator account. 

 

2. Select Configuration ► Definitions ► sas.commons.web.security.cors 

 

3. Select sas.commons.web.security.cors and click the Edit icon that is circled below:

 

4. Modify the value for allowedOrigins by adding the host name of your third-party reverse-proxy server or load balancer, as shown in this example:  

5. Click Save to save your changes to that setting. 

 

6. Restart all services in your SAS Viya environment.

After that, try to re-create the issue to ensure that those steps resolve the behavior. If the problem is not resolved, contact SAS Technical Support for assistance.