E9.2 Getting CORS error with JDE AIS Rest (9.2)

TravyDale

Member
Hello, I am working on a website that is going to login and call and orchestration through the JDE Rest API. We are on version 9.2 I believe. I have tested the API calls through Postman and they are working as expected.

My goal was to do everything through JavaScript, but I am having a lot of issues with CORS. I am unsure how to get around this issue. My error is below:

Access to XMLHttpRequest at 'http://<servername&port>/jderest/v2/tokenrequest' from origin 'http://localhost:29757' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Do I need to make a setup change within JDE or do I need to structure my HTTP POST differently?
 

TravyDale

Member
I was able to check out the settings in AIS and it does have star (*) for Allowed Hosts. I am out of ideas as to what would be preventing this.
 

alfredorz

Well Known Member
Hi TravyDale, I'm the same problem with purchase order approval PWA. The application is installed in my local Xampp apache and a server with xampp too, I've modified httpd.conf and more files but it returns error on browse console:
Access to fetch at 'http://10.10.1.10:8193/jderest/v2/tokenrequest/logout' from origin 'http://localhost:8888' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

But it's strange, I make a php application and i call orchestrator without problem.

I've reviewed AIS configuration and it's ok (Allowed Host: *).

Could you fix the problem?

We are on 9.2.4.3 tools version.

Else I'll install a tomcat server in jde web server...

Best regards.
 
Last edited:

RussellCodlin

Reputable Poster
The reason PHP will work is because it is a server side solution, not client side like javascript.

See https://support.oracle.com/epmos/fa...te=16n1t8o8tq_53&_afrLoop=322623366947231#FIX regarding the CORS issue. Was fixed somewhere around the 9.2.4.4 to 9.2.4.6 tools.

Not sure if you can disable CORS within WLS to override the orchestrator app. Alternatively you can use HTTPD or similar to create a reverse proxy and then fix the headers to prevent CORS issues.
 

alfredorz

Well Known Member
The reason PHP will work is because it is a server side solution, not client side like javascript.

See https://support.oracle.com/epmos/fa...te=16n1t8o8tq_53&_afrLoop=322623366947231#FIX regarding the CORS issue. Was fixed somewhere around the 9.2.4.4 to 9.2.4.6 tools.

Not sure if you can disable CORS within WLS to override the orchestrator app. Alternatively you can use HTTPD or similar to create a reverse proxy and then fix the headers to prevent CORS issues.

Thanks a lot Russel!!! you are right. If we install a tomcat server (or other apache) in jde web server, it will fix cors problem?? I understand if it's in the same server requests and response, shouldn't problem right? I understand CORS should be configurated in diferent servers-domains but in the same is trusted (sorry I don't understand much about systems) and we doesn't care where the application po aporoval where is (I'm try testing in my local machine).

Best regards.
 
Top