Showing results for 
Search instead for 
Do you mean 
Community Home Request Access Read Blogs Share Your Ideas Search Community View My Settings
Copper Super Contributor
Posts: 172
Registered: ‎07-06-2010

SlxMobile CORS "half-working"

I've been working through the documentation in Argos-SDK for setting up CORS. We have multiple devs accessing a single dev location for SDATA so the approach makes sense for us.


I noticed there are still some requests returning 401s. They look like this:



The pages still load, however. 


We went the IHttpModule route and there's a line in the sample on Github that looks funny:

if (request.HttpMethod == Options) context.RewritePath("~/corsPreFlight");

What is that RewritePath argument supposed to be? We dont have that folder, and it's not clear what it's meant to be. It's referenced again in the web.config settings, but I changed it to a wildcard, which appears to work. 
Copper Super Contributor
Posts: 172
Registered: ‎07-06-2010

Re: SlxMobile CORS "half-working"

I've narrowed it down to the fact that the OPTIONS method specifically is failing with 401 - Unauthorized.


I'm reasonably sure that line I mentioned earlier is the issue. I am not sure what to change it to.

Copper Super Contributor
Posts: 172
Registered: ‎07-06-2010

Re: SlxMobile CORS "half-working"

A little more information.


Poked around the IIS logs and saw I'm getting 401.5 errors, and I just know its because the argument is wrong for the RewritePath method. 


I went with the Helicon product (the Lite version) and it works - but I would rather avoid installing another app on the target production server. 


The 401.5 errors are thrown on the sdata URLs themselves. I had to add a couple of extra headers anyway that the documentation doesnt specify just to get the other methods working, but none of them fixed OPTIONS. 


My sdata portal is setup like this:


-> MyWebSiteWithPort

     -> sdata


sdata and MyWebSiteWithPort both have Integrated Windows Auth turned off, with domain account WebDll as the user context for the app pool and anonymous user .


My requests look like this (where 1234 is the port number):

http://mywebsitewithport:1234/sdata/slx/system/restofURL here


The URLs work correctly when browsed to directly. 


I tried changing the RewritePath to look like this:

if (request.HttpMethod == Options) context.RewritePath("~/sdata");


And this in sdata's web.config:

<add verb="*" path="*"  type="MyCompanyNamespace.SData.CrossOriginSupportOptionsHandler, CORSLibrary" />


So something's not right with authorization. Either I'm trying to write to the wrong path, or my IIS configuration is jacked. 

Posts: 51
Registered: ‎12-16-2011

Re: SlxMobile CORS "half-working"

[ Edited ]

Here is my list of headers under system.webServer (in the sdata web.config)


<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Authorization,X-Requested-With,X-Authorization,X-Authorization-Mode,Content-Type,If-Match" />
<add name="Access-Control-Allow-Credentials" value="true" />


*EDIT* I also changed my CORS module by stripping it down a bit (dev server):