Announcement

Collapse
No announcement yet.
X
  • Filter
  • Time
Clear All
new posts

    Access to XMLHttpRequest from origin has been blocked by CORS policy

    I'm trying to connect two web applications. The parent that would be the application made with GWT and the child that would be a small application in JSP.

    When the other is called from the parent application, I am getting this message from the console:

    Access to XMLHttpRequest at 'http: // localhost: 8080 / report-viewer / rest / request / execution? Isc_rpc = 1 & isc_v = v11.1p_2017-10-09 & isc_xhr = 1' from origin 'http: // localhost: 7001' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    In the application with JSP, I have put a CORS Filter with Jersey, and it is set like this:

    Code:
    Configuration config = PropertiesUtil.getProperties();
    
                if (request.getHeaderString("Origin") == null) {
                    return;
                }
    
                if (isPreflightRequest(request)) {
                    response.getHeaders().add("Access-Control-Allow-Credentials", "true");
                    response.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
                    response.getHeaders().add("Access-Control-Allow-Headers","x-requested-with, Content-Type, If-Modified-Since");
                }
    
    
                response.getHeaders().add("Access-Control-Allow-Origin", config.getString("external.host.url")); // http://localhost:7001
    What would be the required headers to achieve this?

    This is how I'm requesting this webservice in Smart GWT:

    Code:
    DataSource requestReport = new DataSource();
    
        Map<String, String> httpHeaders = new HashMap<String, String>();
        httpHeaders.put("Content-Type", "text/html");
        httpHeaders.put("Accept", "application/x-www-form-urlencoded");
    
        Map<String, String> formparam = new HashMap<>();
        formparam.put("username", "username");
        formparam.put("pass", "password");
        formparam.put("type", type);
        formparam.put("fileUri", fileUri);
        if(parameters != null && parameters.length() > 0) {
          formparam.put("params", parameters);
        }
    
        OperationBinding fetch = new OperationBinding();
        fetch.setOperationType(DSOperationType.FETCH);
        fetch.setDataProtocol(DSProtocol.POSTMESSAGE);
    
        DSRequest dsRequest = new DSRequest();
        dsRequest.setHttpMethod("POST");
        dsRequest.setActionURL("http://localhost:8080/report-viewer/rest/request/execution");
        dsRequest.setContentType("application/x-www-form-urlencoded");
        dsRequest.setHttpHeaders(httpHeaders);
    
        fetch.setRequestProperties(dsRequest);
        requestReport.setOperationBindings(fetch);
    
        final HTMLPane htmlPane = new HTMLPane();
        htmlPane.setHeight100();
        htmlPane.setWidth100();
        htmlPane.setContentsType(ContentsType.PAGE);
    
        requestReport.fetchData(null, new DSCallback() {
    
          @Override
          public void execute(DSResponse dsResponse, Object data, DSRequest dsRequest) {
            Map map = dsResponse.getHttpHeaders();
            String url = map.get("cont-url").toString();
            htmlPane.setContentsURL(url);
          }
    
        });
    UPDATE

    Did a test in soap UI and I'm getting the Access-Control-Allow-Origin header....

    Click image for larger version

Name:	Header Origin.PNG
Views:	356
Size:	4.6 KB
ID:	266523

    Feel like something is missing when I call the webservice from SmartGWT ...
    Last edited by SadBoy; 27 Sep 2021, 14:13.

    #2
    Nevermind. Had to re-configure my CORS filter of the external application again (from zero). Now is allowing the call

    Comment

    Working...
    X