How to set Response header for Preflight Request OPTIONS method in IBM HTTP Server?
I am using dojo/xhrpost(dojo 1.7) to make AJAX call, getting this error
Access to XMLHttpRequest at
'https://dev.services.com/secure/ui/services/getEmployeeDetails/AdditionalContact'
from origin 'https://dev.ead.com' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check:
Redirect is not allowed for a preflight request.
Try to resolve it two ways
1) By adding header in Servlet Filter Class (Java). Below code snippet.
((HttpServletResponse) response).addHeader("Access-Control-Allow-Origin", "*");
((HttpServletResponse) response).addHeader("Access-Control-Allow-Methods","GET, OPTIONS, HEAD, PUT, POST");
HttpServletResponse resp = (HttpServletResponse) response;
if (request1.getMethod().equals("OPTIONS")) {
resp.setStatus(HttpServletResponse.SC_ACCEPTED);
return;
}
chain.doFilter(request1, resp);
2) By adding Directory , Location, Virtual Host tags in httpd.config file. Snippet below
LoadModule headers_module modules/mod_headers.so
<Directory ${APPCONTENT}/docroot>
AllowOverride None
Options Indexes FollowSymLinks
Require all granted
# Always set these headers.
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</Directory>
################INCLUDE VIRTUALHOST################
Include ${APPCONF}/vhost.conf
Additonal Infos: Getting HTTP:302 Found in response , preflight Request header has both these tags
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST.
By using above two methods i can't set the Response Header for that preflight request.Kindly someone help me to resolve this issue.
java ajax apache dojo ibmhttpserver
edited yesterday
gudok
2,68611021
asked yesterday
Venkatesh
83
add a comment |
I am using dojo/xhrpost(dojo 1.7) to make AJAX call, getting this error
Access to XMLHttpRequest at
'https://dev.services.com/secure/ui/services/getEmployeeDetails/AdditionalContact'
from origin 'https://dev.ead.com' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check:
Redirect is not allowed for a preflight request.
Try to resolve it two ways
1) By adding header in Servlet Filter Class (Java). Below code snippet.
((HttpServletResponse) response).addHeader("Access-Control-Allow-Origin", "*");
((HttpServletResponse) response).addHeader("Access-Control-Allow-Methods","GET, OPTIONS, HEAD, PUT, POST");
HttpServletResponse resp = (HttpServletResponse) response;
if (request1.getMethod().equals("OPTIONS")) {
resp.setStatus(HttpServletResponse.SC_ACCEPTED);
return;
}
chain.doFilter(request1, resp);
2) By adding Directory , Location, Virtual Host tags in httpd.config file. Snippet below
LoadModule headers_module modules/mod_headers.so
<Directory ${APPCONTENT}/docroot>
AllowOverride None
Options Indexes FollowSymLinks
Require all granted
# Always set these headers.
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</Directory>
################INCLUDE VIRTUALHOST################
Include ${APPCONF}/vhost.conf
Additonal Infos: Getting HTTP:302 Found in response , preflight Request header has both these tags
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST.
By using above two methods i can't set the Response Header for that preflight request.Kindly someone help me to resolve this issue.
java ajax apache dojo ibmhttpserver
edited yesterday
gudok
2,68611021
asked yesterday
Venkatesh
83
So what's the redirect to during the 302? Where does it come from? The headers won't matter while it's a redirect. Also, proxied dynamic content won't be matched by <directory> so that bit is likely not even occurring.
– covener
yesterday
add a comment |
I am using dojo/xhrpost(dojo 1.7) to make AJAX call, getting this error
Access to XMLHttpRequest at
'https://dev.services.com/secure/ui/services/getEmployeeDetails/AdditionalContact'
from origin 'https://dev.ead.com' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check:
Redirect is not allowed for a preflight request.
Try to resolve it two ways
1) By adding header in Servlet Filter Class (Java). Below code snippet.
((HttpServletResponse) response).addHeader("Access-Control-Allow-Origin", "*");
((HttpServletResponse) response).addHeader("Access-Control-Allow-Methods","GET, OPTIONS, HEAD, PUT, POST");
HttpServletResponse resp = (HttpServletResponse) response;
if (request1.getMethod().equals("OPTIONS")) {
resp.setStatus(HttpServletResponse.SC_ACCEPTED);
return;
}
chain.doFilter(request1, resp);
2) By adding Directory , Location, Virtual Host tags in httpd.config file. Snippet below
LoadModule headers_module modules/mod_headers.so
<Directory ${APPCONTENT}/docroot>
AllowOverride None
Options Indexes FollowSymLinks
Require all granted
# Always set these headers.
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</Directory>
################INCLUDE VIRTUALHOST################
Include ${APPCONF}/vhost.conf
Additonal Infos: Getting HTTP:302 Found in response , preflight Request header has both these tags
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST.
By using above two methods i can't set the Response Header for that preflight request.Kindly someone help me to resolve this issue.
java ajax apache dojo ibmhttpserver
edited yesterday
gudok
2,68611021
asked yesterday
Venkatesh
83
I am using dojo/xhrpost(dojo 1.7) to make AJAX call, getting this error
Access to XMLHttpRequest at
'https://dev.services.com/secure/ui/services/getEmployeeDetails/AdditionalContact'
from origin 'https://dev.ead.com' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check:
Redirect is not allowed for a preflight request.
Try to resolve it two ways
1) By adding header in Servlet Filter Class (Java). Below code snippet.
((HttpServletResponse) response).addHeader("Access-Control-Allow-Origin", "*");
((HttpServletResponse) response).addHeader("Access-Control-Allow-Methods","GET, OPTIONS, HEAD, PUT, POST");
HttpServletResponse resp = (HttpServletResponse) response;
if (request1.getMethod().equals("OPTIONS")) {
resp.setStatus(HttpServletResponse.SC_ACCEPTED);
return;
}
chain.doFilter(request1, resp);
2) By adding Directory , Location, Virtual Host tags in httpd.config file. Snippet below
LoadModule headers_module modules/mod_headers.so
<Directory ${APPCONTENT}/docroot>
AllowOverride None
Options Indexes FollowSymLinks
Require all granted
# Always set these headers.
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</Directory>
################INCLUDE VIRTUALHOST################
Include ${APPCONF}/vhost.conf
Additonal Infos: Getting HTTP:302 Found in response , preflight Request header has both these tags
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST.
By using above two methods i can't set the Response Header for that preflight request.Kindly someone help me to resolve this issue.
java ajax apache dojo ibmhttpserver
java ajax apache dojo ibmhttpserver
edited yesterday
gudok
2,68611021
asked yesterday
Venkatesh
83
edited yesterday
gudok
2,68611021
asked yesterday
Venkatesh
83
edited yesterday
gudok
2,68611021
edited yesterday
gudok
2,68611021
edited yesterday
gudok
2,68611021
2,68611021
asked yesterday
Venkatesh
83
asked yesterday
Venkatesh
83
asked yesterday
Venkatesh
83
83
So what's the redirect to during the 302? Where does it come from? The headers won't matter while it's a redirect. Also, proxied dynamic content won't be matched by <directory> so that bit is likely not even occurring.
– covener
yesterday
add a comment |
So what's the redirect to during the 302? Where does it come from? The headers won't matter while it's a redirect. Also, proxied dynamic content won't be matched by <directory> so that bit is likely not even occurring.
– covener
yesterday
So what's the redirect to during the 302? Where does it come from? The headers won't matter while it's a redirect. Also, proxied dynamic content won't be matched by <directory> so that bit is likely not even occurring.
– covener
yesterday
So what's the redirect to during the 302? Where does it come from? The headers won't matter while it's a redirect. Also, proxied dynamic content won't be matched by <directory> so that bit is likely not even occurring.
– covener
yesterday
add a comment |
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53944104%2fhow-to-set-response-header-for-preflight-request-options-method-in-ibm-http-serv%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53944104%2fhow-to-set-response-header-for-preflight-request-options-method-in-ibm-http-serv%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
So what's the redirect to during the 302? Where does it come from? The headers won't matter while it's a redirect. Also, proxied dynamic content won't be matched by <directory> so that bit is likely not even occurring.
– covener
yesterday