Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0053672 | Openbravo ERP | C. Security | public | 2023-10-17 10:10 | 2023-10-25 15:30 |
|
| Reporter | ebecerra | |
| Assigned To | Triage Platform Base | |
| Priority | normal | Severity | major | Reproducibility | have not tried |
| Status | new | Resolution | open | |
| Platform | | OS | 5 | OS Version | |
| Product Version | | |
| Target Version | | Fixed in Version | | |
| Merge Request Status | |
| Review Assigned To | |
| OBNetwork customer | |
| Web browser | |
| Modules | Core |
| Support ticket | |
| Regression level | |
| Regression date | |
| Regression introduced in release | |
| Regression introduced by commit | |
| Triggers an Emergency Pack | No |
|
| Summary | 0053672: HTTP PUT and HTTP DELETE should accept CORS |
| Description | Nowadays the HTTP methods allowed for cross-domain calls are POST, GET and OPTIONS.
While developing 53527 we realized that we need to allow request using CORS for PUT and DELETE
|
| Steps To Reproduce | CRM connector (without coding) launches requests against an external system that can be configured in a different domain.
The CRM that we prepared for testing is running on OB but when we try to use it from a development environment (POS executed in npm server) requests to the back office (CRM example for testing purposes) are in another domain so these operations (PUT, DELETE) does not work |
| Proposed Solution | See attachment image |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | |
| Attached Files |  Cors.png (62,169) 2023-10-17 10:10
https://issues.openbravo.com/file_download.php?file_id=19037&type=bug
|
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2023-10-17 10:10 | ebecerra | New Issue | |
| 2023-10-17 10:10 | ebecerra | Assigned To | => Triage Platform Base |
| 2023-10-17 10:10 | ebecerra | File Added: Cors.png | |
| 2023-10-17 10:10 | ebecerra | Modules | => Core |
| 2023-10-17 10:10 | ebecerra | Triggers an Emergency Pack | => No |
| 2023-10-25 15:27 | guilleaer | Summary | Must be included the HTTP methods: PUT and DELETE for CORS validations => HTTP PUT and HTTP DELETE should accept CORS |
| 2023-10-25 15:27 | guilleaer | Description Updated | bug_revision_view_page.php?rev_id=27028#r27028 |
| 2023-10-25 15:27 | guilleaer | Steps to Reproduce Updated | bug_revision_view_page.php?rev_id=27030#r27030 |
| 2023-10-25 15:30 | guilleaer | Description Updated | bug_revision_view_page.php?rev_id=27031#r27031 |
| 2023-10-25 15:30 | guilleaer | Steps to Reproduce Updated | bug_revision_view_page.php?rev_id=27032#r27032 |