You need to sign in to do that
Don't have an account?
gs88834
CORS configuration for a Localhost connection within salesforce
I'm having an issue with connecting a 3rd party mobile application that leverages javascript to attain the correct Access_Control_Allow Headers for CORS compliance. I've setup the application in the CORS whitelist using the following pattern: http://localhost:8100. I also tried adding the IP address, but I kept on getting an error related to an improper URL format.. The request includes the following:
The request I'm sending is the same request specified in your document, except that it's using JSON.
{
"grant_type": "password",
"client_id": "3MVG9hq7jmfCuKffUGdcgE1wherSAQLAa3y9rRfgcW_YgB_hgO6BQdyiio_StTcQj8MSolSDxjpUuEksqx5Sp",
"client_secret": "677911424197059408",
"username": "cwdevelopmentdev@contentwatch.com",
"password": "CWDev123qbSN0DkczmlvOJie2kOJfy9fA"
}
The response I'm expecting is something like this:
{
"access_token": "00D2C0000000pWC!AQIAQAAzmEc49tiyu6YZor4NL20KhLWwPu3EsFCs6O2.sXuuGHH0zkRHAwFrIFf.3Cen_k5vnSL1FuJ9apUeBPuE9AY18h8y",
"instance_url": "https://cs59.salesforce.com",
"id": "https://test.salesforce.com/id/00D2C0000000pWCUAY/0052C000000GLK5QAO",
"token_type": "Bearer",
"issued_at": "1476201662859",
"signature": "rEW13KGMOcjLc2GyhJpArqDIz8Ue+B7iHLTpNROFg/Y="
}
But the important thing about the response is the headers. Here is the set of headers I currently get on the response:
Cache-Control →no-cache, no-store
Content-Encoding →gzip
Content-Type →application/json;charset=UTF-8
Date →Tue, 11 Oct 2016 16:01:02 GMT
Pragma →no-cache
Strict-Transport-Security →max-age=31536000; includeSubDomains
Transfer-Encoding →chunked
X-ReadOnlyMode →false
The headers that I'm missing look something like this:
Access-Control-Allow-Headers →Origin, Content-Type, Accept, Pragma, Cache-Control, If-Modified-Since, Authorization
Access-Control-Allow-Methods →OPTIONS, GET, POST, PUT
Access-Control-Allow-Origin →*
Can you provide any feedback about why I'm not getting the Access-Control-Allow-Headers, methods and Origin values?
Thanks
The request I'm sending is the same request specified in your document, except that it's using JSON.
{
"grant_type": "password",
"client_id": "3MVG9hq7jmfCuKffUGdcgE1wherSAQLAa3y9rRfgcW_YgB_hgO6BQdyiio_StTcQj8MSolSDxjpUuEksqx5Sp",
"client_secret": "677911424197059408",
"username": "cwdevelopmentdev@contentwatch.com",
"password": "CWDev123qbSN0DkczmlvOJie2kOJfy9fA"
}
The response I'm expecting is something like this:
{
"access_token": "00D2C0000000pWC!AQIAQAAzmEc49tiyu6YZor4NL20KhLWwPu3EsFCs6O2.sXuuGHH0zkRHAwFrIFf.3Cen_k5vnSL1FuJ9apUeBPuE9AY18h8y",
"instance_url": "https://cs59.salesforce.com",
"id": "https://test.salesforce.com/id/00D2C0000000pWCUAY/0052C000000GLK5QAO",
"token_type": "Bearer",
"issued_at": "1476201662859",
"signature": "rEW13KGMOcjLc2GyhJpArqDIz8Ue+B7iHLTpNROFg/Y="
}
But the important thing about the response is the headers. Here is the set of headers I currently get on the response:
Cache-Control →no-cache, no-store
Content-Encoding →gzip
Content-Type →application/json;charset=UTF-8
Date →Tue, 11 Oct 2016 16:01:02 GMT
Pragma →no-cache
Strict-Transport-Security →max-age=31536000; includeSubDomains
Transfer-Encoding →chunked
X-ReadOnlyMode →false
The headers that I'm missing look something like this:
Access-Control-Allow-Headers →Origin, Content-Type, Accept, Pragma, Cache-Control, If-Modified-Since, Authorization
Access-Control-Allow-Methods →OPTIONS, GET, POST, PUT
Access-Control-Allow-Origin →*
Can you provide any feedback about why I'm not getting the Access-Control-Allow-Headers, methods and Origin values?
Thanks