Skip to Content
avatar image
Former Member

Problem with Same-Origin Policy

Hi experts,

We have a published application at HCPms, that if we do not activate the Same-Origin Policy option works correctly, but in the moment we activate this option stops working.

The application is fiori and runs in a fiori client customized although we have also tested in a public fiori client.

The communication between HCPms and backend works correctly, but in the moment when we want to access to the fiori tile an error appears, although if we do not activate the Same-Origin Policy works correctly.

The error is the following:

We see the following when debugging:

and if we look at the headers we see the following:

We see that in the Response Headers, the header "Acces-Control-Allow-Origin"  is correct "https://mobile-xxx.hana.ondemand.com", but the request URL that arriving and blocks it is "http://mobile-xxx.hana.ondemand.com:443/.....".

As can be seen, the domain protocol it receives and the protocol of the domain allowed are different. This is the reason of the blocking.

How is possible we recived the request with the protocol changed?

Thanks and regards.

Josep-Manel Reyes

pastedImage_8.png (43.6 kB)
pastedImage_9.png (71.6 kB)
pastedImage_10.png (117.6 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    Oct 29, 2015 at 03:31 PM

    This is a known issue and is expected to be addressed in a near future release.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi everyone,

      this issue has been solved in the 1.3.1 version of the HCPms with the SAP SDK PS10 PL06.

      Regards.