Question
Capgemini Technology Services India Limited
IN
Last activity: 4 Oct 2018 13:54 EDT
CORS header 'Access-Control-Allow-Origin' missing
Hi Team,
We are facing problem similar to https://collaborate.pega.com/question/cors-pre-flight-requests-failing
Came to know that An enhancement request, FDBK-15480, has been created for consideration by Pega Product Management, but it is still NEW.
Want to know how we can access the REST service exposed in pega application from another web application.
How to overcome below errors:
1. Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://xx.pegacloud.com/. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
2. XMLHttpRequest cannot load https://xx.pegacloud.com/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
Any suggestions in this regard is highly appreciated.
Many Thanks,
Vijay Sriram
***Updated by moderator: Lochan to add SR Exists group tag***
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
Accepted Solution
Capgemini Technology Services India Limited
IN
Hi All,
The issue is resolved by using below settings in Service-REST Authorization headers/ request tab:
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE ,PUT");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization");
Hope it clarifies.
Many Thanks,
Vijay Sriram
Pegasystems Inc.
US
since you are using tomcat (pegacloud.com), one option is to take advantage of the tomcat CORS support:
http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter
Accepted Solution
Capgemini Technology Services India Limited
IN
Hi All,
The issue is resolved by using below settings in Service-REST Authorization headers/ request tab:
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE ,PUT");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization");
Hope it clarifies.
Many Thanks,
Vijay Sriram
Cognizant Technology Solutions
US
Hi Vijay,
I have a similar requirement in my project. Can you please give few more information about the solution?
Do we need to give these response.setHeader in response header or request header?Can you also let me know what we need to select for mapped to.
If you can give a sample screenshot it would be much helpful.
Thanks in advance
Elvis M
Infosys Ltd.
US
Hi Elvis- Did you get the solution for rest service issue? I have similar problem, I would appreciate if you can provide some detail as what solution you applied.
Thanks,
Shailendra