FHIR Chat · docs / Issue #37 Hub should allow "Access-Control-Allow-O... · fhircast-github

Stream: fhircast-github

Topic: docs / Issue #37 Hub should allow "Access-Control-Allow-O...

view this post on Zulip Github Notifications (FHIRcast) (Oct 03 2018 at 06:23):

mbellehumeur opened Issue #37

When trying to POST a notification from client to hub using JavaScript in a browser, the POST is blocked by the browser because the server has to be set for "Access-Control-Allow-Origin".
For example, the following code:
_var request=new XMLHttpRequest();
request.open("POST","http://localhost:5000/api/hub/");
request.setRequestHeader("Content-Type","application/json");
request.send(message);
console.log('event sent from browser');_

results in this error in Safari:
_Error] XMLHttpRequest cannot load http://localhost:5000/api/hub/ due to access control checks._

I have ran into this issue before on other projects.
In IIS, for example, you can configure like this:

<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET, POST" />
</customHeaders>
</httpProtocol>

view this post on Zulip Github Notifications (FHIRcast) (Oct 05 2018 at 10:25):

mbellehumeur commented on Issue #37

Should have posted this in the sandbox GitHub list. Closing this one.

view this post on Zulip Github Notifications (FHIRcast) (Oct 05 2018 at 10:25):

mbellehumeur closed Issue #37

When trying to POST a notification from client to hub using JavaScript in a browser, the POST is blocked by the browser because the server has to be set for "Access-Control-Allow-Origin".
For example, the following code:
_var request=new XMLHttpRequest();
request.open("POST","http://localhost:5000/api/hub/");
request.setRequestHeader("Content-Type","application/json");
request.send(message);
console.log('event sent from browser');_

results in this error in Safari:
_Error] XMLHttpRequest cannot load http://localhost:5000/api/hub/ due to access control checks._

I have ran into this issue before on other projects.
In IIS, for example, you can configure like this:

<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET, POST" />
</customHeaders>
</httpProtocol>

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -