consumptionwebservice Rest returns: No 'Access-Control-Allow-Origin'

Asked

Viewed 391 times

1

Prazados,

I have a problem to consume a third party Webservice, when trying to find the same by java script the return I receive is:

Xmlhttprequest cannot load http://xxxxxxxxx:yyyyy/sccwebclient/svc/filetransfers/? startedDay%3E2018-05-02T00%3A00%3A00. Response to preflight request doesn’t pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested Resource. Origin 'http://localhost:8080' is therefore not allowed access.

however when trying to consume the same by Postman I can get the desired answer, that a Json, to consume the same it is necessary to pass in the head a login and password, as follows:

Authorization: xxxx

to consume the webservise I created the following script:

function getListaWebService(url){
                $.ajax({
                    'url': url,
                    Type: "GET",
                    dataType: "json",
                    headers: {
                        "Authorization": "xxxx " + geraBase64("xxxx", "yyyy")
                    }
                }).done(function (objJson){
                    console.log("objJson", objJson);
                }).error(function (err) {
                    console.log("err", err);
                }); }

what I did wrong, if it’s cross Domain problem, how can I solve by JS or java?

  • This is because you are working locally (localhost) to work around it see this page https://stackoverflow.com/questions/20035101/why-does-my-javascript-get-a-no-access-control-allow-origin-header-is-present

  • It is okay to be localhost or not, you have to know if on the server a certain request expects something. OPTIONS for example...

2 answers

2


Friend, good morning Try to enable ;CORS on your Webservice in the case in c#, which is the language q use gets like this in the WS method:

[HttpGet]
[EnableCors("AllowSpecificOrigin")]
public IEnumerable < string > Get() {
  return new string[] {
    "value1",
    "value2"
  };
}

1

Recently I’ve been having the same problem and had to study a little CORS:

  • Access-Control-Max-Age -> maximum time it gets curly in the browser.

  • Access-Control-Allow-Origin -> Specifies who has access to certain resource.

  • Access-Control-Allow-Credential -> Checks access credentials as cookies.

  • Access-Control-Allow-Methods -> Specifies which methods are permitted

  • Access-Control-Allow-Headers -> It compares and validates the header during the requisition

You need to check if the server expects some kind of information in the request.

In my case I needed to send one OPTIONS.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.