Hi Christian,
Thanks a lot for the pointer it worked for me.
The below code in apache conf. file set the appropriate header required by
CORS:
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS,
DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with,
Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS
request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
Regards,
Satish
On Saturday, 10 June 2017 14:00:47 UTC+5:30, Christian Hammond wrote:
>
> Hi Satish,
>
> I saw your previous post on this. Just haven't responded yet, but doing so
> now.
>
> CORS is a browser concept, and it's controlled by headers coming from the
> web application or web server. You should be able to add the necessary
> headers in your Apache configuration to allow access.
>
> Try adding this to your VirtualHost directive in Apache:
>
> Header set Access-Control-Allow-Origin "*"
>
> For tighter security, use the URL of the server (or the full path to the
> page doing the query) instead of the *
>
> You may need to enable the headers module in Apache, if it complains.
>
> Christian
>
> On Sat, Jun 10, 2017 at 1:26 AM, satish singh <[email protected]
> <javascript:>> wrote:
>
>> Hi Team,
>>
>> I am trying to create a page with AngularJS which will allow RB user's to
>> add review group in Review Board(RB) using RB API.
>>
>> code snippet:
>>
>> $http({
>> method: "GET",
>> url: "http://reviewboar.xyz/api/users/xyz/
>> <http://reviewboar.xyz/users/xyz/>",
>> headers: {'Authorization': 'Basic xyzxyzxyzxyz=='}
>> }).then(function success(response){
>> $scope.data = response.data;
>> $scope.status = response.status;
>> $scope.config = response.config;
>> $scope.header = responce.header;
>> }, function error(response){
>> $scope.status = response.status;
>> console.log($scope.status);
>> });
>>
>> But I am getting CORS error, how can I resolve it ? We have RB in closed
>> environment and don't need CORS.
>> Is there a way we can disable it in Review board ? Please provide any
>> pointer.
>>
>> Error:
>> Cross-Origin Request Blocked: The Same Origin Policy disallows reading
>> the remote resource at https://reviewboard.xyz.yu.com/api/
>> <https://www.google.com/url?q=https%3A%2F%2Fnrbweb-staging.eng.netapp.com%2Fapi%2F&sa=D&sntz=1&usg=AFQjCNE-XHOFYTUFA0dVOar015TNnYMs_w>.
>>
>> (Reason: CORS header 'Access-Control-Allow-Origin' missing)
>>
>>
>> Regards,
>> Satish
>>
>> --
>> Supercharge your Review Board with Power Pack:
>> https://www.reviewboard.org/powerpack/
>> Want us to host Review Board for you? Check out RBCommons:
>> https://rbcommons.com/
>> Happy user? Let us know! https://www.reviewboard.org/users/
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "reviewboard" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> Christian Hammond
> President/CEO of Beanbag <https://www.beanbaginc.com/>
> Makers of Review Board <https://www.reviewboard.org/>
>
--
Supercharge your Review Board with Power Pack:
https://www.reviewboard.org/powerpack/
Want us to host Review Board for you? Check out RBCommons:
https://rbcommons.com/
Happy user? Let us know! https://www.reviewboard.org/users/
---
You received this message because you are subscribed to the Google Groups
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
