First of all, i've the 11.7 version of the PDSOE, so i'm using the PAS for OpenEdge Server...
I'm developing an Angular application and trying to connect it to a REST service published on Progress Application Server, I receive response doing the call with postman, but when i do the call from the brower, it sends me the next message:
Failed to load http://<server>:<port>/<app>/rest/<appService>/<Service>: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://<angular_app>:<port>' is therefore not allowed access.
I understand that i've to modificate the oablSecurity.properties, so, the question is:
Which parameters need to be activated/updated?
First of all, make sure that you add the credentials from Angular:
second, read the site: https://enable-cors.org/ to understand why you get a preflight request.
last: search for the conf/oeablSecurity.properties file and the CORS section:
Make sure that for the time being OECORSFilter.allowAll=true
I agree with bronco. Get familiar with the links provided in bronco's post for background on how things work with CORS.
The response message you are receiving is actually telling you exactly what header the browser is looking for in the OPTIONS call and not seeing. Add 'Access-Control-Allow-Origin' to the OECORSFilter.messageHeaders entry in oeablSecurity.properties, and restart the web app. After doing that you may see the response message change to another header the browser is expecting (say 'X-Requested-With'), and need to also add that.
I read the posts and modified my oeablSecurity but it stills not working....
I deactivated the cors in the browser and it works :/, analizing the responses that I got, I realized that in PASOE v11.7 the response header is incomplete...
Response Header 11.7
Date: Tue, 24 Jul 2018 20:46:17 GMT
while in the version 11.6 it is complete
HTTP/1.1 200 OK
Access-Control-Allow-Methods: PUT, GET, OPTIONS, DELETE, PATCH, POST
Access-Control-Allow-Headers: Access-Control-Request-Headers, Accept-Language, Content-Language, Authorization, Origin, Access-Control-Request-Method, Content-Type, Accept, X-Client-Context-Id, Cache-Control, Pragma
Date: Tue, 24 Jul 2018 20:46:33 GMT
My oeablSecurity.properties in the conf/ directory of my PASOE instance is configured like this
Do you have an idea of what I'm doing wrong?
Thanks for your help,