tmssoftware.com

Cross Domain issue

WEB TMS WEB Core
#1

Hi guys,

I have modified the sample application TMAWeb_SimpleService return a list of json filenames from my webservice. Which has

procedure TWebModule1.WebModuleBeforeDispatch(Sender: TObject;
  Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
begin
    Response.SetCustomHeader('Access-Control-Allow-Origin','*');
end;

procedure TForm1.WebButton1Click(Sender: TObject);
begin
 // WebHttpRequest1.URL := 'https://download.tmssoftware.com/tmsweb/music.json';
  WebHttpRequest1.URL := 'http://92.27.68.65:7777/getRockVideos';


  WebHttpRequest1.Execute();
end;

procedure TForm1.WebHttpRequest1RequestResponse(Sender: TObject;
  ARequest: TJSXMLHttpRequestRecord; AResponse: string);
      var
        js: TJSON;
        ja: TJSONArray;
        jo: TJSONObject;
        i: integer;
      begin
        js := TJSON.Create;

        try
          ja := TJSONArray(js.Parse(AResponse));

          ShowMessage('Retrieved items:' +AResponse);

          for i := 0 to ja.Count - 1 do
          begin
            jo := TJSONObject(ja.Items[i]);
            WebListBox1.Items.Add(jo.GetJSONValue('videoName'));
          end;
        finally
          js.Free;
        end;
      end ;



end.

This work fine in the sample application.
When I add this code to my application I get a cross domain access error.

rocksTruck.html:1 Access to XMLHttpRequest at 'http://92.27.68.65/getRockVideos' from origin 'http://localhost:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I can't see any setting in the sample application that solves the issue.

#2
  1. Try to clear WebHttpRequest.Headers
    and/or
  2. Check this FAQ:
    This means the REST API resource is not enabled for CORS.
    Solve this by putting this JSON resource in the same domain as your web app or enable CORS on the backend. (This will depend on the type of backend you use).

For a background on CORS, please see:

For enabling CORS for XData this is explained in detail here:

#3

Hi Bruno

New to this. How do I clear the headers?

Why does the TMS sample application work and mine doesn’t with the same code ?

#4
  1. webhttprequest.Headers.Clear
  2. did you read up on CORS?
#5

Hi Bruno,

I have this enabled on my webService using Delphi & TWebModule

procedure TWebModule1.WebModuleBeforeDispatch(Sender: TObject;
  Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
begin
    Response.SetCustomHeader('Access-Control-Allow-Origin','*');
end;

So as far as I understand this allows CORs and nothing is needed on the client end.

In my TMSWeb app I use

  WebHttpRequest1.Headers.Clear;
  WebHttpRequest1.URL := 'http://92.27.68.65/getRockVideos';
  WebHttpRequest1.Execute();

But I still get the cross domain error in my app but not the TMS TMAWeb_SimpleService app.

I am accessing the same webservice from a mobile Delphi app ( ie different IP's) and don't have any issues.
What am I not understanding here please ?

#6

Please see the screen grab showing the problem

#7

When I test this from here, I get a connection timeout.

#8

I've noticed the errors. Late nights and brain drain with CSS etc etc.
My app was missing the port (7777) in my app and I was using the wrong OnRequestResponse on the second call.

Cheers for the help so far.

© tmssoftware.com