Angular 5 / Camunda - CORS Same Origin blocking issues

Camunda 7 Topics Discussion & Questions
1

I am having issues posting to my Camunda application from my Angular 5 application. I have read the other CORS posts on this site, so I will try to show what steps I have taken relating to those below. Unfortunately, I have been unable to resolve the issue so far. It is also worth noting that I am trying to do this behind a corporate proxy, in case that is relevant. Onto the issue:

I am calling a post request using the following code, where ‘this.http’ is an Angular HttpClient object:

Http

AngularCodeMain
AngularCodeMain835×138 6.13 KB

When this request is sent, I receive this standard CORS error in Firefox:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:8080/engine-rest/message. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

And in Chrome:

Error
Error1895×49 6.35 KB

My Camunda file “camunda-bpm-tomcat-7.8.0/server/apache-tomcat-8.0.47/webapps/engine-rest/WEB-INF/web.xml” file looks like this (note the CorsFilter at the top):

<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://java.sun.com/xml/ns/javaee    http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
	<filter>
      <filter-name>CorsFilter</filter-name>
      <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>    
    </filter>
    <filter-mapping>
      <filter-name>CorsFilter</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>
	
  <filter>
    <filter-name>EmptyBodyFilter</filter-name>
    <filter-class>org.camunda.bpm.engine.rest.filter.EmptyBodyFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>EmptyBodyFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>CacheControlFilter</filter-name>
    <filter-class>org.camunda.bpm.engine.rest.filter.CacheControlFilter</filter-class>    
  </filter>
  <filter-mapping>
    <filter-name>CacheControlFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  
  <!-- Http Basic Authentication Filter -->
  <!-- <filter>
    <filter-name>camunda-auth</filter-name>
    <filter-class>
      org.camunda.bpm.engine.rest.security.auth.ProcessEngineAuthenticationFilter
    </filter-class>
    <init-param>
      <param-name>authentication-provider</param-name>
      <param-value>org.camunda.bpm.engine.rest.security.auth.impl.HttpBasicAuthenticationProvider</param-value>
    </init-param>
    <init-param>
	    <param-name>rest-url-pattern-prefix</param-name>
	    <param-value></param-value>
	  </init-param> 
  </filter>

  <filter-mapping>
    <filter-name>camunda-auth</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping> -->

  <filter>
      <filter-name>Resteasy</filter-name>
      <filter-class>
          org.jboss.resteasy.plugins.server.servlet.FilterDispatcher
      </filter-class>
      <init-param>
          <param-name>javax.ws.rs.Application</param-name>
          <param-value>org.camunda.bpm.engine.rest.impl.application.DefaultApplication</param-value>
      </init-param>
  </filter>

  <filter-mapping>
      <filter-name>Resteasy</filter-name>
      <url-pattern>/*</url-pattern>
  </filter-mapping>

</web-app>

I have been searching for quite some time but have not found a solution to my problem. I assume I am missing something simple or have messed up a step somewhere, any help would be greatly appreciated :slight_smile:

2

Forgot to mention - I have no post issues in Postman.

3

Issue has been solved! Made a rookie mistake, and was sending ‘Access-Control-Allow-Origin’ in my post request. Given this is a server side option header, sending it from the client side breaks the request in this instance.

I removed this header from my ‘new HttpHeaders’ declaration and it solved the issue.

2 Likes
4

Thanks for sharing the solution :slight_smile:

1 Like
5