CORS 11.7

Posted by admire on 23-Jul-2018 12:50

Hi all,

First of all, i've the 11.7 version of the PDSOE, so i'm using the PAS for OpenEdge Server...

I'm developing an Angular application and trying to connect it to a REST service published on Progress Application Server, I receive response doing the call with postman, but when i do the call from the brower, it sends me the next message:

Failed to load http://<server>:<port>/<app>/rest/<appService>/<Service>: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://<angular_app>:<port>' is therefore not allowed access.

I understand that i've to modificate the, so, the question is:

Which parameters need to be activated/updated?

Kind Regards

All Replies

Posted by bronco on 24-Jul-2018 02:13

First of all, make sure that you add the credentials from Angular:

second, read the site: to understand why you get a preflight request.

last: search for the conf/ file and the CORS section:









Make sure that for the time being OECORSFilter.allowAll=true

Posted by brianlafertewk on 24-Jul-2018 05:48

I agree with bronco.  Get familiar with the links provided in bronco's post for background on how things work with CORS.

The response message you are receiving is actually telling you exactly what header the browser is looking for in the OPTIONS  call and not seeing.  Add 'Access-Control-Allow-Origin' to the OECORSFilter.messageHeaders entry in, and restart the web app.  After doing that you may see the response message change to another header the browser is expecting (say 'X-Requested-With'), and need to also add that.

Posted by admire on 25-Jul-2018 09:33

Hi bronco,

I read the posts and modified my oeablSecurity but it stills not working....

I deactivated the cors in the browser and it works :/, analizing the responses that I got, I realized that in PASOE v11.7 the response header is incomplete...

Response Header 11.7

HTTP/1.1 200

Content-Length: 0

Date: Tue, 24 Jul 2018 20:46:17 GMT

while in the version 11.6 it is complete

HTTP/1.1 200 OK

Server: Apache-Coyote/1.1

Access-Control-Allow-Origin: <http_origin>

Access-Control-Allow-Credentials: true

Access-Control-Allow-Methods: PUT, GET, OPTIONS, DELETE, PATCH, POST

Access-Control-Allow-Headers: Access-Control-Request-Headers, Accept-Language, Content-Language, Authorization, Origin, Access-Control-Request-Method, Content-Type, Accept, X-Client-Context-Id, Cache-Control, Pragma

Content-Length: 0

Date: Tue, 24 Jul 2018 20:46:33 GMT

My in the conf/ directory of my PASOE instance is configured like this









Do you have an idea of what I'm doing wrong?

Thanks for your help,

Posted by Brian Laferte on 26-Jul-2018 05:46

Have you tried adding the header the browser is complaining about to your messageHeaders entry and restarting the web app?

Brian Laferte

'Ambition leads me not only farther than any man has been before me, but as far as I think it possible for man to go.' -- James Cooke

This thread is closed