[ 
https://issues.apache.org/jira/browse/UNOMI-170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16389229#comment-16389229
 ] 

Serge Huber commented on UNOMI-170:
-----------------------------------

Hello Mitesh,

Thanks for your interest in Unomi.

All the CXS APIs are protected by authentication and should have the pre-flight 
setup for all requests (see 
[https://github.com/apache/incubator-unomi/blob/unomi-root-1.2.0-incubating/rest/src/main/java/org/apache/unomi/rest/RulesServiceEndPoint.java]
 in the annotations), so in your AJAX request did you make sure you are 
authenticating and then passing the credentials over to the rules API request ? 
I see that you had an authentication error before the OPTIONS request.

Here's a resource that might be helpful.

[https://gist.github.com/mlynch/be92735ce4c547bd45f6]

Otherwise could you provide a test sample that reproduces the problem ? I tried 
reproducing it with this tool ([https://www.test-cors.org/)] but only after 
having properly authenticated and accepted the certificate (Unomi is provided 
with a self-signed certificate that might be refused by default on some 
browsers such as Chrome). Also which browser are you using in your tests ?

Best regards,

  Serge... 

> UNOMI CORS Issue is coming when trying to fetch RULES
> -----------------------------------------------------
>
>                 Key: UNOMI-170
>                 URL: https://issues.apache.org/jira/browse/UNOMI-170
>             Project: Apache Unomi
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 1.2.0-incubating
>         Environment: Mac OS
>            Reporter: Mitesh Jain
>            Priority: Blocker
>              Labels: security
>         Attachments: Screen Shot 2018-03-07 at 11.35.27 AM.png
>
>
> Hi,
> My Name is Mitesh Jain,
> I am new to Unomi.
> All installations are done according to this link:
> [http://unomi.incubator.apache.org/]
> When I am trying to access the rest api cxs to fetch all the rules, it is 
> showing properly in browser when I browse,
> [https://localhost:9443/cxs/rules]
> but when I am trying to access the same using my Angular application to fetch 
> rules using above url, 
> [https://localhost:9443/cxs/rules|https://localhost:9443/cxs/rules/] it will 
> make a OPTIONS call and I am getting the error as "No 
> 'Access-Control-Allow-Origin' header is present on the requested resource."
> Please Let me know how to fix this CORS issue.
> Mitesh Jain
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to