#1 2023-09-04 14:08:58

erick
Member
Registered: 2015-09-09
Posts: 155

CORS / AccessControlAllowOrigin := '*';

Hi,

I downloaded Mormot2.1 and I'm looking for an example of Mormon2 using authentication to test my new JavaScript Mormot2 libraries which will be released open source.

I found a good example with Client and Server in :

   mormot2\ex\ThirdPartyDemos\tbo\03-HttpServer-MethodServices

There is an accompanying article, unfortunately, my ancient grade-school German is too stale to be able to understand it.

But my problem is I keep getting CORS errors if I try to access the Mormon service with a Web browser.

This is even though the stock code has the line:

   FHttpServer.AccessControlAllowOrigin := '*';

which in my experience fixes CORS.  Not sure why it doesn't here.

This is currently a roadblock.

Does anyone have any suggestions?

Thanks in advance,
Erick

Offline

#2 2023-09-04 14:21:43

erick
Member
Registered: 2015-09-09
Posts: 155

Re: CORS / AccessControlAllowOrigin := '*';

BTW, I was using 2.1-stable if that matters.

Erick

Offline

#3 2023-09-04 15:34:23

tbo
Member
Registered: 2015-04-20
Posts: 328

Re: CORS / AccessControlAllowOrigin := '*';

Here is the translation of the article into English with Google Translator. The result is not perfect, but it is readable.

I used the server as an example for a new article with TMS WebCore. Unfortunately I didn't pay attention during the implementation and developed against an older version of mORMot2. I had no time for a revision for a year. The following changes were made that it works with the WebCore Miletus App example:

constructor TFileRestServer.Create(const pmcRootName: RawUtf8; const pmcDataFolder: TFileName);
begin
  if not DirectoryExists(pmcDataFolder) then
    raise Exception.Create('A data directory must be specified.');

  CreateWithOwnModel([TAuthGroup, TFileAuthUser], {HandleUserAuthentication=} False, pmcRootName);
  // Register the authentication methods selectively
{$IF DEFINED(AuthNone)}
  AuthenticationRegister(TRestServerAuthenticationNone);
{$ELSE}
  (AuthenticationRegister(TRestServerAuthenticationDefault) as TRestServerAuthenticationSignedUri).NoTimestampCoherencyCheck := True;
{$ENDIF}
...

constructor TTestServerMain.Create(const pmcCustomerConfigFileName: TFileName; const pmcDataFolder: TFileName);
begin
  inherited Create;
  FRestServer := TFileRestServer.Create(ROOT_NAME_FILE, pmcDataFolder);
  FRestServer.NoAjaxJson := False;  // Important that JavaScript can process the result
...

With best regards
Thomas

Offline

Board footer

Powered by FluxBB