I've run into issues implementing ajax call with request header parameters.
The simple ajax call - when I’m not setting anything in the request header - works (I run the application through the RhoElements web server).
However, when I have to pass certain parameters to the request header of the Web API call (RESTful service), the call fails.
Here’s the sample of the code:
var apiEndPoint = “<Web API End Point>”;
$.ajax({
url: apiEndPoint,
dataType: 'json',
success: function (data) {
<some_code>;
},
error: function (xhr, ajaxOptions, thrownError) {
<some_code>;
},
beforeSend: function (xhr) {
xhr.setRequestHeader("clientID", "<clientid_value>");
xhr.setRequestHeader("ResourceID", "<resourceid_value>");
xhr.setRequestHeader("Token", "<token_value>”);
}
Naturaly, the code works in the browser on the desktop.
Are there any additional settings that I have to check or set?
Thanks,
Yuriy
What version of RhoElements are you using and what device?
Sent from my Verizon Wireless 4G LTE DROID
Points: 0
You voted ‘up’
RhoElements v1.0.3.11, ES400.
I've also installed the hot fix HF_SPR22122.ARM.CAB, although, I'm not sure if it was needed for v1.0.3.11.
Points: 0
You voted ‘up’
Rob, given the many enhancements and fixes coming in RhoElements v2 do you think it would help to have this issue validated againt it?
Points: 0
You voted ‘up’
Gentlemen, let me know, please, the recommended course of action. It's becoming crucial.
Points: 0
You voted ‘up’
Rob, so that you're aware Yuriy tested RhoElements v2.05.27 but the issue persists. Below is his feedback. ===== To recapture, what’s working for us is https call without request header being sent. Http call with request header, the way shown in my previous emails, doesn’t work. Can it be related to cross-origin calls problem (strange, though, that the https-no-header call works)? Do you have an example of JQuery ajax call with the request header that will work for RhoElements? Yuriy ===== Rob, your assistance with this issue is greatly appreciated.
Points: 0
You voted ‘up’
Peter
I would make sure a support ticket gets escalated on this if you have not already done so. If I understand the issue correctly, it sounds like the headers are not being sent. Are there other ways with jQuery to append these headers or use another AJAX library/method?
Points: 0
You voted ‘up’
I have a strong suspicion that CORS is at least partially responsible for this behaviour. I will follow up tomorrow.
Points: 0
You voted ‘up’
Rob, thanks for commenting. Case #2612635 was created on this issue.
Points: 0
You voted ‘up’
We've overcome many of the issues using CORS-related headers in IIS. I'll share the information once the testing is finished.
Points: 0
You voted ‘up’
Yuriy, were you able to complete your investigation on this in your environment? Have you found anything more around the issue?
Just so you're aware Gary Crean has recently reported to this thread positive results.
Let us know if there is anything we can assist with.
Points: 0
You voted ‘up’
I have tested this using the Hotfix also. I can confirm the headers are being sent correctly.
Points: 0
You voted ‘up’
We overcame CORS issues by updating our Web API. We use IIS, so originally we were adding necessary headers in the IIS Manager directly, but then moved them to a centralized place to simplify deployment.
We made changes to the Web API's Global.asax file, as following:
protected void Application_BeginRequest(object sender, EventArgs e)
{
...
EnableCrossDomainAjaxCall();
}
private void EnableCrossDomainAjaxCall()
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*"); //To make sure CORS calls are not rejected
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept, ClientID, ResourceID, UserID, Token"); //To process standard and our custom headers
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD, TRACE"); //To allow standard methods
//This is to cache the calls (relevant for OPTIONS) for some time - HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.End(); //We need that to handle the preflight (OPTIONS) calls correctly, the preflight call is made automatically before, let's say, GET or POST in line with CORS protocol
}
}
Points: 0
You voted ‘up’
Yuriy, thanks for the update. I'm glad you were able to the resolve the issue.
That said, we'll be closing the helpdesk ticket.
Points: 0
You voted ‘up’