M
Michael Jacobs
Guest
The 'allowAll' property definition: "Allow generic HTTP clients access without requiring CORS headers on each request". If the client does send CORS headers ( which is generally the case with JavaScript clients ) then the server will still do the cross-origin validation and can reject the request. Generally the http response code gives you a clue 403 Forbidden - The CORS headers were required and not found; the client sent a header that was not allowed; client domain not allowed 400 Bad request - the client sent an invalid CORS preflight request 405 The request's method was not allowed You can add debug logging for the com.progress.rest.security package to see details. Mike J. From: alextrs82 bounce-alextrs82@community.progress.com Reply-To: " TU.OE.Development@community.progress.com " TU.OE.Development@community.progress.com Date: Tuesday, March 3, 2015 at 4:57 PM To: " TU.OE.Development@community.progress.com " TU.OE.Development@community.progress.com Subject: [Technical Users - OE Development] REST Method OPTIONS - ERR_EMPTY_RESPONSE REST Method OPTIONS - ERR_EMPTY_RESPONSE Thread created by alextrs82 Get an error: net::ERR_EMPTY_RESPONSE when application makes PUT request, have no problems when request is sent using Postmaster. This started to happen after we moved REST adapter to stand-alone Tomcat 7 server with messenger (it works fine on Tomcat that comes with OE). We use form-OERealm security and configured CORS to allowAll: b:bean id="OECORSFilter" class="com.progress.rest.security.OECORSFilter" b
roperty name="allowAll" value="true" / /b:bean Stop receiving emails on this subject. Flag this post as spam/abuse.
Continue reading...
roperty name="allowAll" value="true" / /b:bean Stop receiving emails on this subject. Flag this post as spam/abuse.Continue reading...