From b583527c37bd89d2ad749d4ec808c287d6947807 Mon Sep 17 00:00:00 2001 From: maanavd Date: Tue, 23 Jun 2026 14:22:24 -0700 Subject: [PATCH 1/4] Update Foundry CORS proxy endpoint to foundry-cors-proxy Repoint the website's model catalog proxy from the old onnxruntime-foundry-proxy Function App to the newly deployed foundry-cors-proxy Function App. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- www/.env.example | 2 +- www/src/routes/models/service.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/www/.env.example b/www/.env.example index 1efc178cd..23b4daec4 100644 --- a/www/.env.example +++ b/www/.env.example @@ -7,7 +7,7 @@ # Public API Endpoint (already configured in code) # This is the Azure Function proxy endpoint for CORS -# PUBLIC_FOUNDRY_API_ENDPOINT=https://onnxruntime-foundry-proxy-hpape7gzf2haesef.eastus-01.azurewebsites.net/api/foundryproxy +# PUBLIC_FOUNDRY_API_ENDPOINT=https://foundry-cors-proxy.azurewebsites.net/api/foundryproxy # Build-time variables # NODE_ENV=production diff --git a/www/src/routes/models/service.ts b/www/src/routes/models/service.ts index 75e2901c1..b2bbfdc60 100644 --- a/www/src/routes/models/service.ts +++ b/www/src/routes/models/service.ts @@ -15,7 +15,7 @@ import type { FoundryModel, GroupedFoundryModel } from './types'; // Azure Function endpoint for CORS proxy const FOUNDRY_API_ENDPOINT = - 'https://onnxruntime-foundry-proxy-hpape7gzf2haesef.eastus-01.azurewebsites.net/api/foundryproxy'; + 'https://foundry-cors-proxy.azurewebsites.net/api/foundryproxy'; export interface ApiFilters { device?: string; From 3e72272b8f5205a29a9739e7526e42a1e347defa Mon Sep 17 00:00:00 2001 From: maanavd Date: Thu, 25 Jun 2026 12:00:02 -0700 Subject: [PATCH 2/4] Retrigger Vercel deployment Creates a no-op commit to request a fresh Vercel deployment for PR #833 without changing source content. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> From 49c43e74028bbbdd983a92e45d3bb722799b9b94 Mon Sep 17 00:00:00 2001 From: maanavd Date: Thu, 25 Jun 2026 12:19:40 -0700 Subject: [PATCH 3/4] Fix models page CORS by avoiding preflight on proxy request The Azure Functions host intercepts CORS preflight OPTIONS requests before the proxy function runs and returns 204 with no Access-Control-Allow-Origin header, so the browser blocks the cross-origin model catalog request from the Vercel-hosted site. Send the proxy POST as a CORS 'simple request' (Content-Type: text/plain instead of application/json). The browser then skips the preflight entirely, and the actual POST response already includes Access-Control-Allow-Origin: *. The proxy parses the body as JSON regardless of Content-Type, so forwarding to the Foundry API is unaffected. Verified end-to-end against the live proxy: /models renders 46 models, all proxy POSTs return 200, no preflight OPTIONS, and the browser console is free of CORS errors. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- www/src/routes/models/service.ts | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/www/src/routes/models/service.ts b/www/src/routes/models/service.ts index b2bbfdc60..860907f18 100644 --- a/www/src/routes/models/service.ts +++ b/www/src/routes/models/service.ts @@ -276,10 +276,18 @@ export class FoundryModelService { const requestBody = this.buildRequestBody(device, executionProvider, skip, continuationToken); try { + // NOTE: Content-Type is intentionally "text/plain" (not "application/json"). + // This keeps the request a CORS "simple request" so the browser does NOT + // send a preflight OPTIONS. The Azure Functions host intercepts preflight + // OPTIONS before our proxy code runs and returns 204 with no + // Access-Control-Allow-Origin header, which fails CORS. The proxy parses the + // body as JSON regardless of Content-Type, so sending text/plain is safe and + // avoids the preflight entirely. Do not change this back to application/json + // unless platform-level CORS is configured on the Function App. const response = await fetch(FOUNDRY_API_ENDPOINT, { method: 'POST', headers: { - 'Content-Type': 'application/json', + 'Content-Type': 'text/plain', Accept: 'application/json' }, body: JSON.stringify(requestBody) From 2b2408618bb2d1ecc983cfdca9d532e7138f261a Mon Sep 17 00:00:00 2001 From: maanavd Date: Thu, 25 Jun 2026 15:38:44 -0700 Subject: [PATCH 4/4] Update Foundry Local CORS proxy endpoint Point the website model catalog at the renamed foundry-local-cors-proxy Function App. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- www/.env.example | 2 +- www/src/routes/models/service.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/www/.env.example b/www/.env.example index 23b4daec4..a5a52f299 100644 --- a/www/.env.example +++ b/www/.env.example @@ -7,7 +7,7 @@ # Public API Endpoint (already configured in code) # This is the Azure Function proxy endpoint for CORS -# PUBLIC_FOUNDRY_API_ENDPOINT=https://foundry-cors-proxy.azurewebsites.net/api/foundryproxy +# PUBLIC_FOUNDRY_API_ENDPOINT=https://foundry-local-cors-proxy.azurewebsites.net/api/foundryproxy # Build-time variables # NODE_ENV=production diff --git a/www/src/routes/models/service.ts b/www/src/routes/models/service.ts index 860907f18..0be1f2dc6 100644 --- a/www/src/routes/models/service.ts +++ b/www/src/routes/models/service.ts @@ -15,7 +15,7 @@ import type { FoundryModel, GroupedFoundryModel } from './types'; // Azure Function endpoint for CORS proxy const FOUNDRY_API_ENDPOINT = - 'https://foundry-cors-proxy.azurewebsites.net/api/foundryproxy'; + 'https://foundry-local-cors-proxy.azurewebsites.net/api/foundryproxy'; export interface ApiFilters { device?: string;