Hello, I have implement different REST interfaces. One interface for receiving data from a database. For that I use following schema:
Under tRestResponse I set Access-Control-Allow-Origin = *. That works fine. One interface I use for post data into in db. I use following schema:
Also under tRESTResponse I set Access-Control-Allow-Origin = *. But that not works. Under angularJS I also activate $http.defaults.headers.common = '*'; But in chrome/firefox I receive that error: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9000' is therefore not allowed access.
If a 1st service uses GET then it means it is a 'simple' CORS request. If you have POST/PUT/DELETE then a browser will do a so-called preflight request first. You can add an OPTIONS flow handler to manage it. FYI a TESB JIRA exists to make this process smoother for the job designers
Yes please, add OPTIONS flow handler to tRESTRequest's URL Handler which will listen on the same URL where POST data will be sent to from a browser - the browser should issue a pre-flight OPTIONS request first - you may need to add few more headers to make it this pre-flight pass, see https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS which is one of the best articles. HTH, Sergey