CORS problem from my local to Iris server with a REST API
I built my rest api with ^%REST and update with CreateApplication.
Postman works fine and I suppose production server will work fine as UI and rest api will be on the same domain, but for now in dev, I need to have access from my local to the Iris rest api. I have a CORS error.
I do not know how to configure my swagger file to have either Parameter HandleCorsRequest=1 or <route Cors=true in the generated displ,cls.
As adviced in community, I tried in my impl.cls
Do ..%SetHeader("Access-Control-Allow-Origin", "*")
I even tried
Do ..%SetHeader("Access-Control-Allow-Headers", "*") // Content-Type,X-Amz-Date,Authorization,X-Api-Key
Do ..%SetHeader("Access-Control-Allow-Methods", "*")
No success
Do I need to set the headers in my swagger file? It is not very elegant....
responses:
statusCode: "200"
responseParameters:
method.response.header.Access-Control-Allow-Headers : "'Content-Type,X-Amz-Date,Authorization,X-Api-Key'"
method.response.header.Access-Control-Allow-Methods : "'*'"
method.response.header.Access-Control-Allow-Origin : "'*'"
Do I need to have my own copy of disp.cls?
Do you have an elegant solution to manage dev and production to do the switch cors or not cors?
Thank you.
I think I found one answer: https://docs.intersystems.com/healthconnect20241/csp/docbook/Doc.View.cl...
x-ISC_CORS
I solved my problem. I do not need anymore Access-Control-Allow-Origin: *, HandleCorsRequest, or x-ISC_DispatchParent. No change in iris code
My UI is in angular, I created a proxy
{
"/api/air": {
"target": "http://server.com:52774",
"secure": false,
"changeOrigin": true
}
}
And my angular server running on http:://localhost:4200 call the api with the url http://localhost:4200/api/air.
A excellent article about cors: https://medium.com/@stephen.biston/resolve-cors-errors-once-and-for-all-...
And https://angular.io/guide/build#proxying-to-a-backend-server
Thank you very much for taking the time to report the solution and great resources back into the community!