FHIR Chat · Inject CORS Header using SMART js client · smart

Stream: smart

Topic: Inject CORS Header using SMART js client

view this post on Zulip Joel Francis (May 27 2021 at 18:19):

Hello,

We are receiving the following error when our SMART client is launched from the Logic Sandbox - has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status

How do we inject the Allow CORS header into our requests using the SMART JS client. Is there a way we can get a handle on the request object?

Thanks,
Joel, @Christa Wan , @Alex Goel , @Paul Puscas

view this post on Zulip Brian Postlethwaite (May 28 2021 at 02:47):

That's a server side problem that isn't doing the CORS responses, and the browser is protecting you from it. Server needs fixing, not Web client app.

view this post on Zulip Alex Goel (May 28 2021 at 13:24):

@Brian Postlethwaite we're trying to test this against the Logica sandbox, any suggestion on what we can do next?

view this post on Zulip Alex Goel (May 28 2021 at 13:25):

Joel Francis said:

How do we inject the Allow CORS header into our requests using the SMART JS client. Is there a way we can get a handle on the request object?

We were hoping someone could help us put this header in

view this post on Zulip Josh Mandel (May 28 2021 at 14:39):

You might want to reach out to the logica sandbox team. Can you paste in a full (""copy as curl") request/response log for these queries from your dev tools?

view this post on Zulip David Winters (Jun 01 2021 at 17:22):

I have a PR open that might be helpful if this problem hasn't been solved already. It allows the SMART JS client to return the redirect URL before actually redirecting.

view this post on Zulip David Winters (Jun 01 2021 at 17:24):

And here is the issue I created to describe this feature request. @Alex Goel @Joel Francis

view this post on Zulip Joel Francis (Jun 01 2021 at 17:46):

David Winters said:

I have a PR open that might be helpful if this problem hasn't been solved already. It allows the SMART JS client to return the redirect URL before actually redirecting.

Thanks @David Winters , I have responded to another post and tagged you with a proxy suggestion to inject the CORS header

view this post on Zulip Vladimir Ignatov (Jun 01 2021 at 18:35):

@David Winters I am reviewing your PR now, but I don't think it can solve this because

  1. Redirects don't need CORS
  2. If that really is a problem on the server, then there is nothing you can do to avoid it (other then using a proxy which is a crude workaround)

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -