search

doedje / jquery.soap

This script uses $.ajax to send a SOAP:Envelope. It can take XML DOM, XML string or JSON as input and the response can be returned as either XML DOM, XML string or JSON too.
352 stars 148 forks source link

HTTPHeaders are not provided with request? #132

Closed dhuber666 closed 4 years ago

dhuber666 commented 4 years ago

Hi man,

first and most important: Awesome library and thank you for making it!

I'm one of the many that came accross CORS problems. It's this default error message:

So I console.logged the output error and I can see there are no headers in it:

So is this a problem on my site or is the code not sending over the http header.

I tried it with this header:

$.soap({
  url: "https://myurlfrommycompany/webservices/webservice/",
  method: "createLeasedEmployment",
  HTTPHeaders: {
    Authorization: "Basic" + btoa(username + ":" + password),
    "Access-Control-Allow-Origin": "*"
  },
....

I would appreciate any help from you guys :)

Have a good day!

doedje commented 4 years ago

Hi dhuber666,

Thanx for letting me know you enjoy $.soap!

The Access-Control-Allow-Origin header should be set on the response, on the serverside. Modern browsers are not too keen on that wildcard so you should explicitly set it to the server your application is running on (your frontend server). If you don't control the backend server, so you cannot set that header, you can't use CORS on that resource and are left with the option to set up a reverse proxy on your frontend server, see: https://github.com/doedje/jquery.soap/#same-origin-policy for some information on that.

Good luck!

dhuber666 commented 4 years ago

Hi,

thanks for the answer. I contacted the backend person and he said that cors is not enabled on the server. He enables it with "*". So that means I can access it by providing this:

doedje commented 4 years ago

Hi dhuber666,

You won't need to add that header, it should work as long as it is set on the backend. Frontend should be just fine without it...