Upgraded to Omnibus Gitlab CE 15.11.3 and WebIDE causes CORS error in Chrome Client

After upgrading to 15.11.3 when I go to edit a project using the WebIDE button in the project website window, I get a CORS error (see the following reply to this post).

Here are other symptoms we are experiencing:

  • Some of my users can’t use HTTPS to push/pull anymore but they can using SSH.
  • The admin page says I need to upgrade ASAP (see image) but I am upgraded to the latest image.

Any suggestions as to how to fix the most urgent problem (the WebIDE is causing CORs errors)?

We are running this on Ubuntu 22.04.2 LTS (GNU/Linux 5.15.0-71-generic x86_64) The image of our current Gitlab server is below

Thanks for any help!

Update… the error is still happening. I started my chrome debugging tools and saw that webide is causing this error in the browser:

Why is Omnibus Gitlab CE 15.11.3 causing my Chrome browser to have CORS errors when it did not cause these errors previously?

Am I missing updating a configuration setting?

Update… Just upgraded to 15.11.5 still getting the same CORS errors as in my previous reply when trying to use the WebIDE on any project. Any suggestions?

I found the solution to this problem on the web. The problem was that I am using Apache2 to host gitlab-ce. After upgrading Apache2 to the newest patches, I had to edit the security.conf file on the Apache2 server, and, added an “X-Frame-Options:” configuration to accept requests to my server name with a “/” appended to the end of it like this:

Header set X-Frame-Options: “SAMEORIGIN”
Header set X-Frame-Options: “ALLOW-FROM https://my.domain.example/

After doing this, I don’t get CORS errors on the clients anymore.