Issue
Unable to load K2 sites and Smartforms
Diagnosis
In the network trace, it is noticed that http 500 errors are thrown for requests for scripts and css resources.
Enabling Failed Request Tracing for http 500 produced the following trace:
Opening the requests that produce a http 500 response code on a browser showed the following page:
Based on the above screenshot, it is noticed that the "Access-Control-Allow-Origin" header was already included in the response. It seems the application by default has already included that header in the response for scripts and css resources. In this case, the same header is not required to be added manually in the web.config file.
If that header is added in the web.config, it becomes an error because the application is trying to add the same header twice.
Below is a Microsoft documentation that describes a similar scenario, checkout the section under 0x800700b7
https://docs.microsoft.com/en-us/troubleshoot/developer/webapps/iis/health-diagnostic-performance/http-error-500-19-webpage
Resolution
Please do this on both the Designer and Runtime folder.
Designer Folder: [K2 install drive]K2K2 Smartforms Designer
Runtime Folder: [K2 install drive]K2K2 Smartforms Runtime
- Go to the Smartforms Runtime folder
- Create a backup of the web.config file
- Edit the web.config file
- look for the <customHeaders> section
- Remove/comment out the line below
<add name="Access-Control-Allow-Origin" value="*" />
- Save the web.config
- Do the same for the web.config found in the Smartforms designer folder
- Once done do an IISRESET and K2 Service restart
- Clear the web browser cache
The same error message could appear when node “<add name="X-Content-Type-Options" value="NoSniff" />” is added in the site root.