CORS ORIGIN ERROR: Consumer an Soap services from xmlHttpRequest

Question

Question

Youness ARRAF · Jun 22, 2020

#SOAP #Caché

Hi,

call my web service (%SOAP from caché 2012 v) from XmlHttpRequest client generate cors policy error,

Any one help me how i can allow origin in headers requeste.

Thank you.

Discussion (12)1

Log in or sign up to continue

Yuri Marx · Jun 22, 2020

https://medium.com/netscape/hacking-it-out-when-cors-wont-let-you-be-gre...

0 0

Renato Banzai · Jun 23, 2020

CORS isnt a problem, is most a solution for security. You can fix CORS with some workarounds but before I recomend you to understand why CORS exists. Here an article explaining more about both the reason and ways to workaround:

https://medium.com/@dtkatz/3-ways-to-fix-the-cors-error-and-how-access-control-allow-origin-works-d97d55946d9

0 0

score 0 · Answer 1 · 2020-06-22T07:36:58-04:00

Yuri Marx · Jun 22, 2020

In your class set Parameter HandleCorsRequest = 1

0 0

score 0 · Answer 2 · 2020-06-22T08:00:01-04:00

Youness ARRAF · Jun 22, 2020

Thank you YURI MARX GOMES for your replay,

I added this parametrer but not work, generate same error :(

0 0

score 0 · Answer 3 · 2020-06-22T08:08:54-04:00

Yuri Marx · Jun 22, 2020

  Do %response.SetHeader("Access-Control-Allow-Origin","*")

0 0

score 0 · Answer 4 · 2020-06-22T08:22:53-04:00

not work,

I can use this in %Soap.WebService ? bellow my request from frontend client

=============================================================

function soapRequest(){
       var soapMessage = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:abon="http://namespace">'+
                           ' <soapenv:Header/>'+
                               '<soapenv:Body>'+
                                   '<abon:ActivationContrat>'+
                                       '<abon:PUBLISH>'+
                                           '<abon:HEADER>'+
                                           '<abon:SENDER_ID>?</abon:SENDER_ID>'+
                                           '<abon:RECEIVER_ID>?</abon:RECEIVER_ID>'+
                                           '<abon:COMPANY>?</abon:COMPANY>'+
                                           '<abon:COUNTRY>?</abon:COUNTRY>'+
                                           '<abon:DATE>?</abon:DATE>'+
                                           ' <abon:MESSAGE_TYPE>?</abon:MESSAGE_TYPE>'+
                                       '</abon:HEADER>'+
                                       '<abon:CONTENT>'+
                                           
                                           '<abon:CONTRAT>'+
                                               '<abon:STORE>?</abon:STORE>'+
                                               '<abon:CASH_DATE>?</abon:CASH_DATE>'+
                                               '<abon:CASH_BOX>?</abon:CASH_BOX>'+
                                               '<abon:CASH_TICKET>?</abon:CASH_TICKET>'+
                                               '<abon:CASH_AMOUNT>?</abon:CASH_AMOUNT>'+
                                               '<abon:EAN>fromtest</abon:EAN>'+
                                               '<abon:ACTIVATION_CODE>3058030416</abon:ACTIVATION_CODE>'+
                                           '</abon:CONTRAT>'+
                                           '</abon:CONTENT>'+
                                       '</abon:PUBLISH>'+
                                   '</abon:ActivationContrat>'+
                               '</soapenv:Body>'+
                               '</soapenv:Envelope>';

           function createSoapRequest(method,url){
               var xhr = new XMLHttpRequest();
               if ("withCredentials" in xhr){
                   console.log("with crediential ok");
                   xhr.open(method,url,false);
                   console.log("opend");
               }/*else if (typeof XDomainRequest != "undefined"){
                   console.log("xDomaineRequest ok");7

               }
               else{
                   console.log("CORS not supportes");
                   xhr=null;
               }*/


               return xhr;
           }

           var xhr = createSoapRequest("POST","http://vmw-app-dev:57772/csp/vdbcen/API.MSP.AbonContract.cls?wsdl");
           if (!xhr){
               console.log("XHR iccue");
               return;
           }

           xhr.onload = function(){
               var result = xhr.responseText;
               console.log(result);
           }

           xhr.setRequestHeader("Content-Type","text/xml");
           xhr.send(soapMessage);

========================================================

score 0 · Answer 5 · 2020-06-22T08:36:17-04:00

Yuri Marx · Jun 22, 2020

Set above instructions in your server cache web service, not in the client.

0 0

score 0 · Answer 6 · 2020-06-22T08:40:16-04:00

Youness ARRAF · Jun 22, 2020

yes, i added it in my web service.

/// HANDLED CORS POLICY
Parameter HandleCorsRequest = 1;

0 0

score 0 · Answer 7 · 2020-06-22T08:51:43-04:00

Yuri Marx · Jun 22, 2020

https://community.intersystems.com/post/enable-cors-csp-zen-applications

0 0

score 1 · Answer 8 · 2020-06-23T06:22:50-04:00

Youness ARRAF · Jun 23, 2020

Thank you agin for your help :)

this solution will be worked on Rest service,

1 0

score 0 · Answer 9 · 2020-06-22T12:56:23-04:00

Can you expose your service as a REST?

Client-side JS is really not suited to working with web services.

@Yuri Marx solution (HandleCorsRequest) would work for REST.

score 0 · Answer 10 · 2020-06-23T06:27:38-04:00

Youness ARRAF · Jun 23, 2020

i can't make my service as REST in caché v 2012. do you have an idea how i can do it ?

Thank you for your replay.

0 0