x Want to participate? Join the group to interact
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 141 subscribers
  • Views 2657 views
  • Users 0 members are here
Browse Forums
Announcements
234
topics
29
replies
General Discussion
5k
topics
13k
replies
Sage Data & Analytics
56
topics
95
replies
Sage Enterprise Intelligence
208
topics
407
replies
Sage Intelligence Reporting
121
topics
322
replies
SLANG

Sage X3 Webservice Call with javascript has been blocked by CORS policy (Cross Origin Ressource Calling).

SOLVED
Posted By

Hello,

My client uses Sage X3 and has set up webservices so i can send data to Sage.

I'm currently using javascript (with the jQuery library) and using an ajax call to send data to the Sage webservice.

The problem is that the Ajax query is blocked by the CORS Policy.

This is a standard behavior because sage doesn't return the following header : "Access-Control-Allow-Origin" : "<ORIGIN>"

The problem is that i and my client have no idea how to add this response header to sage.

I understand that Sage X3 is using nodejs so we tried to configure the file nodelocale.js by adding in the security json the following data : 

      security: {

                                            http: {

                                                                                         "x-frame-options": "SAMEORIGIN"

                                            },

                                            cors: {

                                                                          "Access-Control-Allow-Origin": "*",

                                                                          "Access-Control-Allow-Headers": "Origin, X-Requested-With, Content-Type, Accept, Authorization, SOAPAction"

                                                           }

               },

But still, the response header doesn't contain the desired value. Only the "x-frame-options" is currently sent : 

The "cors" part isn't transmitted at all.



Does anyone have some input as to add the proper response header ?


Thanks in advance.

Regards

  • 0

    are you calling web service from localhost? 

  • 0

    you may have to add under security

          http: {
                                      headers: {
                                                    "access-control-allow-origin": "*"
                                      },

    you might have to also add under cors / "Access-Control-Allow-Headers" subsection:   X-Request-With, soapaction, x-requested-with

  • +1 in reply to chris hann
    verified answer

    here is what I have used a few times. No guarantee it will work as I'm not an expert with CORS

    //CORS
    security: {
          http: {
                                      headers: {
                                                    "access-control-allow-origin": "*"
                                      },
            // set 'allow' to define what OPTIONS request can be executed
            "allow": "POST, GET"
                                    },
                      cors: {
                                                    // set 'all access-control' headers wanted for cross-origin calls
                                                    "access-control-allow-origin": "*",
                                                    "Access-Control-Allow-Methods": "GET, POST, DELETE, PUT",
                                                    "Access-Control-Allow-Headers": "Origin, Content-Type, Accept, Authorization, X-Request-With, soapaction, x-requested-with",
                                                    "Access-Control-Allow-Credentials": "true"
                                    }
    },

*Community Hub is the new name for Sage City