$(function () { pageContext.i18n.modTalk = 'moderation talk'; pageContext.i18n.replyToComment = 'Reply'; pageContext.i18n.modTalkEmpty = 'moderation talk is empty'; pageContext.url.getModTalk = "/comments/%25ID%25/listModTalk.json"; pageContext.url.possibleCommentRecipients = "/comments/%ID%/possibleRecipients.json"; pageContext.url.commentEdit = '/comments/%25ID%25/edit.html'; pageContext.url.commentView = '/comments/%ID%/view.html'; pageContext.i18n.commentVisibility = { 'full': 'Viewable by all users', 'op': 'Viewable by the original poster', 'mod': 'Viewable by moderators', 'opAndMod': 'Viewable by moderators and the original poster', 'other': 'Advanced visibility', 'dialogTitle': 'Comment visibility', 'selectGroups': 'Visible to groups', 'selectOther': 'Other recipients', 'selectOriginalPoster': 'Original poster', 'selectModerators': 'Moderators', 'selectAssignees': 'Asked to answer users' }; pageContext.i18n.commentMenuLabels = { 'comment-edit': 'comments.menu.edit', 'comment-delete': 'comments.menu.delete', 'comment-convert': 'comments.menu.convert' };pageContext.i18n.answer= { bestAnswer: 'Best Answer', controlBar : { accept: 'Accept', unaccept: 'Unaccept', acceptCommand: 'Accept this answer as correct', cancelAcceptedCommand: 'Remove this answers accepted status' } }; window.croles = { u: false, op: false, m: false, og: false, as: false, ag: false, dc: false, doc: false, eo: false, ea: false }; tools.init({ q: { e: false, ew: false, eo: false, r: false, ro: false, d: false, dow: false, fv: false, c: false, co: false, p: false, tm: false , ms: false, mos: false }, n: { f: false, vf: false, vfo: false, vr: false, vro: false, c: false, co: false, vu: false, vd: false, w: false, wo: false, l: false }, c: { e: false, eo: false, d: false, dow: false, ta: false, tao: false, l: false }, a: { e: false, ew: false, eo: false, d: false, dow: false, a: false, aoq: false, ao: false, tc: false, tco: false, p: false, tm: false }, pc: croles }, { tc: true, nsc: true }); commandUtils.initializeLabels(); }); Skip to Content
avatar image
Former Member

CORS problem on HCP

Hi everyone,

I read a lot about my CORS problem but I can't solve it.
What can I do now? Are there any other options? I also tried the Hana Admin Interface but without any results...

This is my ajax request:

$.ajax({  
url:".../my.xsjs",
crossDomain: true,
headers: {
"X-CSRF-Token":"Fetch"
}
});

This is my .access file

{
    "exposed": true,
    "authentication": [{
        "method": "Form"
    }],
    "mime_mapping": [{
        "extension": "jpg",
        "mimetype": "image/jpeg"
    }],
    "force_ssl": false,
    "enable_etags": false,
    "prevent_xsrf": false,
    "anonymous_connection": null,
    "cors": [{
        "enabled": true,
        "allowMethods": [
            "GET",
            "POST",
            "HEAD",
            "OPTIONS"
        ],
        "allowOrigin": ["*"],
        "maxAge": "3600"
    }],
    "cache_control": "no-cache, no-store",
    "default_file": "index.html"
}
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • May 10, 2017 at 02:16 PM

    Hi Tobias,

    I have the same problem: I'd just like to call an xsjs function on my Hana MDC and I always run into a CORS issue.

    Did you manage to solve the issue somehow?

    Thanks & regards,
    LL

    Add comment
    10|10000 characters needed characters exceeded

  • May 17, 2017 at 12:38 PM

    Hi Tobias,

    Posting my solution here just for the record: I had to enable CORS in the XS Admin tool which one can find in SAP HANA Web-based Development Workbench Editor tool, along the path: /sap/hana/xs/admin/index.html

    In order to be able to start it, you need a user (preferably the SYSTEM user) with the necessary authorizations, so you'll need to add them in the SAP HANA Web-based Development Workbench Security tool. As I couldn't figure out which of them exactly are necessary, I just added all *xs.admin* roles:

    Once you manage to start the XS Admin tool, you can choose your package and drill down to the subpackage in which your xsjs service resides for which you want to enable CORS:

    After selecting the right package, you get a screen with three tabs where you need to choose CORS and after clicking the Edit button in the bottom right corner, set at least the followings (that already did the trick for me) and click Save:

    After having all these set, I don't get the "No 'Access-Control-Allow-Origin' header is present on the requested resource" error any more when calling via ajax the xsjs service from my UI5 app.

    Best regards,

    LL

    Add comment
    10|10000 characters needed characters exceeded