Skip to Content
author's profile photo Former Member
Former Member

JSONP and CORS Not Working for fixing access control allow origin issue

Hi Experts,
I am trying to access a RESTful Service( Created in SICF, Implementation written in Handler Class) from a JavaScript application.
Now, i am facing the issue of Cross Control Access Origin.
After hours of research, i found out that there are two ways to solve this:
a) JSONP
b) CORS

a) JSONP :
Now, i used JSONP with Callback function and it is calling the SAP REST Handler and setting the response in JSON( Used CL_FDT_JSON Class for converting ABAP to JSON). But, the AJAX call is going to error section giving "Parse Error" in the Browser Development tools.
I believe SAP is not compatible with JSONP and that's why i am not getting the success result(Please CORRECT ME IF I AM WRONG)


Here is the code,
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
<p>Enter Ticket Number
<input id="Text1" type="text" /></p>
<p>
Enter Mode
<input id="Text2" type="text" />
</p>
<input type='submit' onclick='submitForm2()' name='btn' value='Call SAP' />
<table id="myTable" style="width:100%;"></table>
<script>

function submitForm2() {
$.ajax({
url: "http://DOMAIN.com:8000/sap/bc/ztrees_rest_api?id=123&callback=?",
dataType: "jsonp",
success: function (json) {
alert("Success");
},
error: function(e) {
alert("The error is",e.message);
}
});

}

function jsonCallback(json) {
alert(json);
}


b) CORS
Now, the second option was to use CORS.
I added the header parameter while sending the response from the Handler Class
server->response->set_header_field( Exporting name = 'Access-Control-Allow-Origin'

value = '*' )

Now, the modified code for this part is

function submitForm2() {

$.ajax({
type: 'GET'

url: "http://DOMAIN.com:8000/sap/bc/ztrees_rest_api?id=123",

dataType: "json",

success: function (json) {

alert("Success");

},

error: function(e) {

alert("The error is",e.message);

}

});

}

In this case, the SAP Server is not even getting called and i am getting 401 Unauthorized and Access Control Allow Origin Error is appearing from the beginning.

Note:
I can disable the Web Security to make it work but it is for practical implementation.

Apologies for the long post but i am going mental and i am unable to fix it.

Thanks
Sahil

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • Best Answer
    Posted on Aug 02, 2016 at 02:05 PM

    Hi Sahil Shah,

    the statement "ABAP does not support JSONP" does not make sense. ABAP supports whatever you want to have in the response payload. You can send any data in any form in your HTTP request handler - everything depends on your implementation of the HTTP request handler.

    JSONP simply means that you have to program your request handler in such a way that it wraps its normal response '...' into a string 'handle( ... )', where 'handle' is an identifier name which is passed as request parameter to the service and has to be echoed as described into the response.

    Your second issue, HTTP 401 Unauthorized, points to a different problem. Are you aware of the "preflight requests" with the OPTIONS verb which is sent ahead in advance instead of "GET" or "POST" and doesn't require Authentication Data (instead of the "real" GET request which is sent afterwards and which does require the Authentication Data)? See javascript - 401 when trying to implement CORS for SharePoint - Stack Overflow for an introduction into this general CORS issue.

    Regards,

    Rüdiger

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Rüdiger Plantiko

      You are right. In the rest of the places in SCN, they have taken the route of implementing Reverse Proxy.

      Now, i have to ask the Basis Team to set up the Reverse Proxy and see if things get better. Do you have any docs related to Reverse Proxy.


      Thanks
      Sahil

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.