Widgets are being loaded from a domain named after the current user, not carto.mapping.community

[almereyda]

When adding an empty map and trying to edit its data properties via a widget, the instance tries to connect to a HTTPS host with my username.

Quellübergreifende (Cross-Origin) Anfrage blockiert: Die Gleiche-Quelle-Regel verbietet das Lesen der externen Ressource auf https://yala/api/v1/map/f93869eee7e31ca49a54df53250d75b2:1531227728771/dataview/82b9728f-be67-44ce-a933-e15b25c6039d?bbox=-54.14062500000001,-27.059125784374054,54.14062500000001,66.99884379185184&own_filter=0&api_key=97d1e14723c7f1ce0fea9a303c51adbf947d9689. (Grund: CORS-Anschlag schlug fehl).

This is not a CORS error, but something misconfigured somewhere, since I guess a request to the right API endpoint would bring the needed CORS headers with it.

[kidwellj]

I see what you mean re: the error message.

Can you give me some more data on where you are within the platform? Maybe a screenshot?

[kidwellj]

I'm wondering if this might be related to a fix implemented in a future version of the platform I haven't installed yet: cf. CartoDB/cartodb@179c55f#diff-28387736db23022adcc1c45e34c821fa

[almereyda]

I was also thinking of an upstream issue, interesting you found one.

This seems to be an issue connected with the widgets themselves. None is being displayed.

I guess the call to

https://yala/api/v1/map/f93869eee7e31ca49a54df53250d75b2:1531227728771/dataview/82b9728f-be67-44ce-a933-e15b25c6039d?bbox=-54.14062500000001,-27.059125784374054,54.14062500000001,66.99884379185184&own_filter=0&api_key=97d1e14723c7f1ce0fea9a303c51adbf947d9689

should rather target

https://carto.mapping.community/v1/map/...