I get the following CORS error while writing any Reactive Web app. It happens as soon I do a first publish and try to open in browser.

Access to XMLHttpRequest at '.../moduleservices/moduleversioninfo?1576124762914') from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I believe if this error were happening with my own API, I could add CORS headers to allow cross-origin requests. Can I do something similar with an Outsystems Platform API such as the moduleversioninfo one getting called here?

Hello Aviral,

Can you try to call the action GetRequestHeader (with value * you "can access from anywhere") before call the API?



Hope it helps.


Br,

Luís

Hi Aviral,

In Service Center you can change the security settings of the app (including those headers), but it is very strange that you are getting those errors in the first place. Are you on a personal environment? Are you using the normal url?

Cheers,

Tiago Simões

Tiago Simões wrote:

Hi Aviral,

In Service Center you can change the security settings of the app (including those headers), but it is very strange that you are getting those errors in the first place. Are you on a personal environment? Are you using the normal url?

Cheers,

Tiago Simões

Thank you for the response. 

Yes, I'm on a personal environment. The organisation one's set up is in progress. 

I'm quite certain I'm using the normal URL as I haven't changed it. I have just setup a brand new Reactive Web Application and published it. The service in question '.../moduleservices/moduleversioninfo' is also provided by Outsystems. 


Luís Cardoso wrote:

Hello Aviral,

Can you try to call the action GetRequestHeader (with value * you "can access from anywhere") before call the API?



Hope it helps.


Br,

Luís

Thank you for the response. I could probably do that if it were my own API and I was calling it in one of my flows. This service is provided by OS and used automatically when I access the application. I will check if it's possible to change in Service Center as suggested by @Tiago.


Solution

Aviral Mishra wrote:

Tiago Simões wrote:

Hi Aviral,

In Service Center you can change the security settings of the app (including those headers), but it is very strange that you are getting those errors in the first place. Are you on a personal environment? Are you using the normal url?

Cheers,

Tiago Simões

Thank you for the response. 

Yes, I'm on a personal environment. The organisation one's set up is in progress. 

I'm quite certain I'm using the normal URL as I haven't changed it. I have just setup a brand new Reactive Web Application and published it. The service in question '.../moduleservices/moduleversioninfo' is also provided by Outsystems. 


This helped me solve the issue:

https://www.outsystems.com/forums/discussion/44851/how-to-add-custom-response-headers-manipule-web-config-for-cases-like-cors/


Solution