CS REST API and CORS on IE

I am writing some basic tests using Content Server API v1, and encountered a problem - IE. Both 10 and 9 (most likely 8 too)
From what I understand, 9 (and 8) doesn't support XMLHTTPRequest with CORS at all, so CORS is done via XDomainRequest, which does not support custom headers. This means:
1) content type is always text, and the authentication webservice expects Content-Type: application/x-www-form-urlencoded. It simply doesn't parse raw data and complains about missing "username" argument even though it's provided
2) we won't be able to set OTCSToken header, so... everything else won't work.

As for IE 10, I cannot get it to work on Windows 8, I keep getting Access Denied on xhr.open(...), and the request isn't even sent. It works fine on Windows 7. Nevermind. The second domain was not in my trusted sites. Doh. So IE 10 is fine with XMLHttpRequest, so are Firefox and Chrome (of course).

So what about IE 9/8? Any pointers? Someone must have tested cross domain requests with IE.

Find more posts tagged with

Comments

Ben_Barth

Hi Maria,

Thank you for your question.

The standard way to support this kind of behaviour is to use the AppWorks proxy. Proxying content allows you to bypass many cross-domain (same-origin policy) issues. You are able to download the proxy (otag.proxy) under the Downloads section.
Resources -> Downloads -> Components - Proxy (otag.proxy)

See what's new in AppWorks 1.1.5
AppWorks Developer Article - OpenText AppWorks Gateway 1.1.5 available

Ferdinand Prantl

If you deploy your testing application to OTAG, the AppWorks proxy will help you. If your testing page does nor run on OTAG, it will not. If you need a general solution for the CORS support, not a solution for OTAG applications only, XDomainRequest has severe limitations. I suggest using window-to-window cross-origin communication as a workaround for the IE8-9. If you install the CS UI Widgets, you will get the CORS support done this way by our jQuery.CoAjax there. This is an example to get a node information using jQuery on any browser:

csui.require(["lib/jquery", "util/coajax"], function ($, CoAjax) {

  var connection: {
          url: "//localhost/otcs/cs/api/v1",
          supportPath: "/otcssupport"
      };

  CoAjax.registerTarget(connection);

  $.ajax({
    type: "GET", url: connection.url + "/nodes/123",
    headers: { Authorization: "Basic " + btoa("Admin:livelink") }
  }).done(function (response) {
    alert(response.data.name);
  });

});