Skip to Content
avatar image
Former Member

SAPUI5 Cross-origin resource sharing issues while Posting to backend.

Hello SAPUI5 people,

I'm still having some issues with posting to the SAP backend.

The Problem:

I am using jQuery to post to the SAP backend via the following code:

I added a debugger to the incoming webservice call in SAP and it says Method: OPTIONS instead of Method: POST.

I have tested this from my local webserver & via the sap cloud portal.

The big But

When I simply run that code via an HTML file in Internet Explorer, and look at the debugger it says Method: POST and adds my data the my table.

My local code:

Now the big But, when I run the same file in Firefox / Chrome, the Method turns to OPTIONS again.

What needs to happen (don't know how)

SAP needs to enable cross-origin resource sharing on the online webserver.

Or someone needs to suggest me a better way of doing this.

Temp Fix (bad practice)

I can replace the Method Options to Method Post, hard coded. But this is dirty nasty code.

Temp conclusion


  • Post to SAP Backend via Internet Explorer and simple HTML File

Does not Work:

  • Post to SAP Backend via Firefox & Chrome via simple HTML File
  • Post to SAP Backend via IE, FF and Chrome on Local SAP Eclipse Webserver.
  • Post to SAP Backend via IE, FF and Chrome on SAP Cloud Trial account

More information about CORS:

I hope someone can help me, because I spend a lot of time figuring this out.

Kind regards,


Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    Dec 04, 2012 at 02:32 PM

    Hi Vincent,

    your coding works in IE due to your IE settings (Internet Options -> Security -> <select your zone> -> Custom Level -> Miscellaneous -> Access data sources across domains). If you activate it, you should be aware, that all requests across origins are allowed - I suppose that is something you do not really want. By the way, select the "Prompt" options doesn't really help, since IE doesn't tell you which origin tries to send a request to which origin. In IE (less than 10) there exists the XDomainRequest object, which implements CORS (but it has a number of limitations in contrast to XMLHttpRequest with CORS).

    But since most of the existing services currently do not support CORS, I would suggest to configure / install a reverse proxy (Apache, SAP Web Dispatcher, ...), which directs the requests to the correct origin (and simulates a single origin to the browser).

    We are currently working on an extension to the End2End Tutorial, which will cover the cross-origin topic.

    Hth, Bernhard

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Dec 04, 2012 at 09:54 AM

    I have tried this:

    var invocation = new XMLHttpRequest();    var url = '';    var body = '<result><firstname>perthyrtyrtygop</firstname><lastname>sparta</lastname></result>';   
  'POST', url, true);       invocation.setRequestHeader('X-PINGOTHER', 'pingpong');       invocation.setRequestHeader('Content-Type', 'application/xml');       invocation.send(body);

    Works locally only in IE.

    Add comment
    10|10000 characters needed characters exceeded

  • Dec 04, 2012 at 01:31 PM

    Hi Vincent,

    Check the following link.

    HTML5 ROCKS - Using CORS

    Preflight Request:

    The preflight request is made as an HTTP OPTIONS request (so be sure your server is able to respond to this method)

    Hope it helps.



    Add comment
    10|10000 characters needed characters exceeded