Showing results for 
Search instead for 
Do you mean 
Community Home Request Access Read Blogs Share Your Ideas Search Community View My Settings
Reply
Highlighted
Copper Super Contributor
Posts: 172
Registered: ‎07-06-2010

SlxMobile CORS "half-working"

I've been working through the documentation in Argos-SDK for setting up CORS. We have multiple devs accessing a single dev location for SDATA so the approach makes sense for us.

 

I noticed there are still some requests returning 401s. They look like this:

http://sdataurl:5697/sdata/somefolder/system/-/useroptions/%24batch?_includeContent=false&select=nam...

 

The pages still load, however. 

 

We went the IHttpModule route and there's a line in the sample on Github that looks funny:

if (request.HttpMethod == Options) context.RewritePath("~/corsPreFlight");
 

What is that RewritePath argument supposed to be? We dont have that folder, and it's not clear what it's meant to be. It's referenced again in the web.config settings, but I changed it to a wildcard, which appears to work. 
 
Thanks.
Highlighted
Copper Super Contributor
Posts: 172
Registered: ‎07-06-2010

Re: SlxMobile CORS "half-working"

I've narrowed it down to the fact that the OPTIONS method specifically is failing with 401 - Unauthorized.

 

I'm reasonably sure that line I mentioned earlier is the issue. I am not sure what to change it to.

Highlighted
Copper Super Contributor
Posts: 172
Registered: ‎07-06-2010

Re: SlxMobile CORS "half-working"

A little more information.

 

Poked around the IIS logs and saw I'm getting 401.5 errors, and I just know its because the argument is wrong for the RewritePath method. 

 

I went with the Helicon product (the Lite version) and it works - but I would rather avoid installing another app on the target production server. 

 

The 401.5 errors are thrown on the sdata URLs themselves. I had to add a couple of extra headers anyway that the documentation doesnt specify just to get the other methods working, but none of them fixed OPTIONS. 

 

My sdata portal is setup like this:

 

-> MyWebSiteWithPort

     -> sdata

 

sdata and MyWebSiteWithPort both have Integrated Windows Auth turned off, with domain account WebDll as the user context for the app pool and anonymous user .

 

My requests look like this (where 1234 is the port number):

http://mywebsitewithport:1234/sdata/slx/system/restofURL here

 

The URLs work correctly when browsed to directly. 

 

I tried changing the RewritePath to look like this:

if (request.HttpMethod == Options) context.RewritePath("~/sdata");

 

And this in sdata's web.config:

<add verb="*" path="*"  type="MyCompanyNamespace.SData.CrossOriginSupportOptionsHandler, CORSLibrary" />

 

So something's not right with authorization. Either I'm trying to write to the wrong path, or my IIS configuration is jacked. 

Highlighted
Employee
Posts: 51
Registered: ‎12-16-2011

Re: SlxMobile CORS "half-working"

[ Edited ]

Here is my list of headers under system.webServer (in the sdata web.config)

 

<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Authorization,X-Requested-With,X-Authorization,X-Authorization-Mode,Content-Type,If-Match" />
<add name="Access-Control-Allow-Credentials" value="true" />
</customHeaders>
</httpProtocol>

 

*EDIT* I also changed my CORS module by stripping it down a bit (dev server): https://gist.github.com/jbest84/5390790