httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sailaja Gadireddy <sailaja.gadire...@gmail.com>
Subject [users@httpd] Fwd: Need help on CORS ( Cross Origin Resource Sharing ) Issue
Date Tue, 01 Aug 2017 11:51:57 GMT
Hello Team,

I need help on the CORS issue and what needs to be configured for the below
error.

User receive CORS error when calling IGC with AJAX Javascript call from the
browser.

"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the
remote resource at https:<hostname>/ibm/iis/igc-rest/v1/search?pageSize=50&
properties=long_description&properties=short_description&
properties=labels&properties=database_columns&properties=
stewards&properties=assigned_to_terms&properties=name&
types=database_table&where={%22operator%22:%22and%22,%
22conditions%22:[{%22property%22:%22name%22,%22operator%22:%
22containsWords%22,%22value%22:%22CIQ%22},{%22property%22:
%22database_schema.database.name%22,%22operator%22:%22=%
22,%22value%22:%22BIGSQL%22}]}
<https://services1.iis-prod-cedp.zc2.ibm.com/ibm/iis/igc-rest/v1/search?pageSize=50&properties=long_description&properties=short_description&properties=labels&properties=database_columns&properties=stewards&properties=assigned_to_terms&properties=name&types=database_table&where=%7B%22operator%22:%22and%22,%22conditions%22:%5B%7B%22property%22:%22name%22,%22operator%22:%22containsWords%22,%22value%22:%22CIQ%22%7D,%7B%22property%22:%22database_schema.database.name%22,%22operator%22:%22=%22,%22value%22:%22BIGSQL%22%7D%5D%7D>.
*(Reason: CORS preflight channel did not succeed)*."

Below is the configuration from the config file:
<Location "/">
SetEnvIf Origin ".+" origin_is=$0

	        Header set Allow GET,HEAD,POST,OPTIONS,TRACE
		Header set Access-Control-Allow-Origin %{origin_is}e env=origin_is
		Header set Access-Control-Allow-Credentials true
	        Header set Access-Control-Allow-Headers "X-Requested-With,
Content-Type, Accept, Authorization, Client-Security-Token,
Accept-Encoding"
		Header set Access-Control-Expose-Headers "X-Requested-With,
Content-Type, Accept, Authorization, Client-Security-Token,
Accept-Encoding"
		Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
		Header set Access-Control-Max-Age: 60
                Header unset X-Frame-Options

</Location>

Could you please help on this.

Thanks & Regards,

Sailaja.

Mime
View raw message