[users@httpd] Need help on CORS ( Cross Origin Resource Sharing ) Issue

Tue, 01 Aug 2017 02:43:00 -0700 

Hello Team,

I need help on the CORS issue and what needs to be configured for the below
error.

User receive CORS error when calling IGC with AJAX Javascript call from the
browser.

"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the
remote resource at
https:<hostname>/ibm/iis/igc-rest/v1/search?pageSize=50&properties=long_description&properties=short_description&properties=labels&properties=database_columns&properties=stewards&properties=assigned_to_terms&properties=name&types=database_table&where={%22operator%22:%22and%22,%22conditions%22:[{%22property%22:%22name%22,%22operator%22:%22containsWords%22,%22value%22:%22CIQ%22},{%22property%22:%22database_schema.database.name%22,%22operator%22:%22=%22,%22value%22:%22BIGSQL%22}]}
<https://services1.iis-prod-cedp.zc2.ibm.com/ibm/iis/igc-rest/v1/search?pageSize=50&properties=long_description&properties=short_description&properties=labels&properties=database_columns&properties=stewards&properties=assigned_to_terms&properties=name&types=database_table&where=%7B%22operator%22:%22and%22,%22conditions%22:%5B%7B%22property%22:%22name%22,%22operator%22:%22containsWords%22,%22value%22:%22CIQ%22%7D,%7B%22property%22:%22database_schema.database.name%22,%22operator%22:%22=%22,%22value%22:%22BIGSQL%22%7D%5D%7D>.
*(Reason: CORS preflight channel did not succeed)*."

Below is the configuration from the config file:
<Location "/">
SetEnvIf Origin ".+" origin_is=$0

                Header set Allow GET,HEAD,POST,OPTIONS,TRACE
                Header set Access-Control-Allow-Origin %{origin_is}e 
env=origin_is
                Header set Access-Control-Allow-Credentials true
                Header set Access-Control-Allow-Headers "X-Requested-With,
Content-Type, Accept, Authorization, Client-Security-Token,
Accept-Encoding"
                Header set Access-Control-Expose-Headers "X-Requested-With,
Content-Type, Accept, Authorization, Client-Security-Token,
Accept-Encoding"
                Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
                Header set Access-Control-Max-Age: 60
                Header unset X-Frame-Options

</Location>

Could you please help on this.

Thanks & Regards,

Sailaja.

Reply via email to