Hello, I am developing a real-time interpretation application through Zoom Apps.
However, I have run into CORS issues while developing this application. This phenomenon occurs in all requests sent to our backend server from within Zoom Apps. Most of the requests our system sends to the server are proxied through the NextJS server so there are no CORS issues, but requests to connect websockets (SockJS + STOMP) (/ws/chat/info) and requests to directly fetch images from the server are sent directly from Zoom Apps to the server, so CORS issues occur.
I have added the server URL to the Domain Allow List and also included the server in the OWASP settings. I have considered various reasons but I am completely unable to find a solution. Please I desperately need help.
Our system structure implements the frontend with React+Next and uses Spring Boot for the backend. And client users directly call the Azure STT service. Also, since there are meeting rooms where real-time interpretation takes place, web socket connections are required.
Currently, since we are prototyping the Zoom App, we have opened a ngrok server locally to handle oAuth work. After handling authentication like that, we connect the Home Page URL to our frontend server to test the actual system.
Since requests proxied through Next work normally, most features work properly but only calls to our server generate errors.
+By the way, I am not using known ports like 3000, 8080, 443.