Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0037627 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | major | always | 2018-01-12 11:19 | 2018-02-22 18:18 | |||
| Reporter | malsasua | View Status | public | |||||
| Assigned To | jarmendariz | |||||||
| Priority | normal | Resolution | fixed | Fixed in Version | 3.0PR18Q2 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | 31ed5cfcd285 | ||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Merge Request Status | ||||||||
| Review Assigned To | caristu | |||||||
| OBNetwork customer | OBPS | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Support ticket | ||||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0037627: AllowedCrossDomainsHandler.getInstance().setCORSHeaders is not executed calling to WebServices | |||||||
| Description | If a call to one WebService is done using ajax, the AllowedCrossDomainsHandler.getInstance().setCORSHeaders is not executed, and error "No 'Access-Control-Allow-Origin'" is returned | |||||||
| Steps To Reproduce | . implement class that it extends from AllowedCrossDomainsChecker (see [1] and attached class file) . do a call to one WS using ajax or JS from Chrome developers tools, opening the page: jsbeautifier.org: . open chrome: url: http://jsbeautifier.org/ [^] . open chrome developers tools . execute in the console, this command: prueba = function () { var xhr = new XMLHttpRequest(); xhr.open("GET","http://localhost:8080/openbravo/ws/dal/Country?user=Openbravo&password=openbravo" [^]); xhr.setRequestHeader('Content-Type', "appliation/json;charset=UTF-8"); xhr.send(); }; prueba(); Error is returned: Failed to load http://localhost:8080/openbravo/ws/dal/Country?user=Openbravo&password=openbravo: [^] Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://jsbeautifier.org' [^] is therefore not allowed access. [1] http://wiki.openbravo.com/wiki/Retail:Configuration_Guide#Allowed_Origin_Domains_Field_-_Cross_Domain_Requests [^] | |||||||
| Proposed Solution | file: /src/org/openbravo/service/web/BaseWebServiceServlet.java add in line 71: AllowedCrossDomainsHandler.getInstance().setCORSHeaders(request, response); | |||||||
| Tags | No tags attached. | |||||||
| Attached Files |  ZendeskAllowedDomain.java [^] (982 bytes) 2018-01-12 11:19 bug-37627.patch [^] (2,417 bytes) 2018-01-26 09:42 [Show Content]
| |||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
|
(0102144) hgbot (developer) 2018-02-02 10:08 |
Repository: erp/devel/pi Changeset: 31ed5cfcd28514f458237d536f97ef584ec9e56a Author: Javier Armendáriz <javier.armendariz <at> openbravo.com> Date: Fri Jan 26 12:32:24 2018 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/31ed5cfcd28514f458237d536f97ef584ec9e56a [^] Fixed bug 37627: Web services does not handle CORS properly. Web service servlet does not handle CORS so cross-domain request would fail. Adding the CORS handler in the base servlet for web services. --- M src/org/openbravo/service/web/BaseWebServiceServlet.java --- |
|
(0102152) caristu (viewer) 2018-02-02 12:06 |
Code reviewed + tested OK. |
|
(0102711) hudsonbot (viewer) 2018-02-22 18:18 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/980a6ad5bbf5 [^] Maturity status: Test |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2018-01-12 11:19 | malsasua | New Issue | |
| 2018-01-12 11:19 | malsasua | Assigned To | => platform |
| 2018-01-12 11:19 | malsasua | File Added: ZendeskAllowedDomain.java | |
| 2018-01-12 11:19 | malsasua | OBNetwork customer | => Yes |
| 2018-01-12 11:19 | malsasua | Modules | => Core |
| 2018-01-12 11:19 | malsasua | Resolution time | => 1517612400 |
| 2018-01-12 11:19 | malsasua | Triggers an Emergency Pack | => No |
| 2018-01-19 12:12 | alostale | Status | new => acknowledged |
| 2018-01-22 17:53 | jarmendariz | Assigned To | platform => jarmendariz |
| 2018-01-22 17:53 | jarmendariz | Status | acknowledged => scheduled |
| 2018-01-26 09:42 | jarmendariz | File Added: bug-37627.patch | |
| 2018-01-26 09:48 | jarmendariz | Review Assigned To | => caristu |
| 2018-01-26 14:54 | caristu | Relationship added | related to 0034331 |
| 2018-02-02 10:08 | hgbot | Checkin | |
| 2018-02-02 10:08 | hgbot | Note Added: 0102144 | |
| 2018-02-02 10:08 | hgbot | Status | scheduled => resolved |
| 2018-02-02 10:08 | hgbot | Resolution | open => fixed |
| 2018-02-02 10:08 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/31ed5cfcd28514f458237d536f97ef584ec9e56a [^] |
| 2018-02-02 12:06 | caristu | Note Added: 0102152 | |
| 2018-02-02 12:06 | caristu | Status | resolved => closed |
| 2018-02-02 12:06 | caristu | Fixed in Version | => 3.0PR18Q2 |
| 2018-02-22 18:18 | hudsonbot | Checkin | |
| 2018-02-22 18:18 | hudsonbot | Note Added: 0102711 | |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |