I am developing a web application that connects to Rad Server. All has been fine, except when trying to pass a JWT token in the headers of a request.
I have CORS enabled Rad Server by modifying the emsserver.ini with CrossDomain=*. I have many endpoints that don't require a JWT token, and these endpoints are working fine. However, when I try to add a JWT token to a GET request using the following, I run into problem:
I add header parameters:
Name: x-access-token
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9....
I send the request to the server, and I'm met with the following error:
Access to XMLHttpRequest at 'http://localhost:8080/Riv********/GetStatus' from origin 'http://localhost:8000' has been blocked by CORS policy: Request header field x-access-token is not allowed by Access-Control-Allow-Headers in preflight response.
This is on my development machine using TMS Web Core. I emailed TMS support, and they weren't much help 😞
My hunch is that Rad Server doesn't understand a-access-token, and responds accordingly.
![Delphi-PRAXiS [en]](https://en.delphipraxis.net/uploads/monthly_2018_12/logo.png.be76d93fcd709295cb24de51900e5888.png){kind=logo}
Rad Server CORS Problem
in Network, Cloud and Web
Posted
I am developing a web application that connects to Rad Server. All has been fine, except when trying to pass a JWT token in the headers of a request.
I have CORS enabled Rad Server by modifying the emsserver.ini with CrossDomain=*. I have many endpoints that don't require a JWT token, and these endpoints are working fine. However, when I try to add a JWT token to a GET request using the following, I run into problem:
I add header parameters:
Name: x-access-token
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9....
I send the request to the server, and I'm met with the following error:
Access to XMLHttpRequest at 'http://localhost:8080/Riv********/GetStatus' from origin 'http://localhost:8000' has been blocked by CORS policy: Request header field x-access-token is not allowed by Access-Control-Allow-Headers in preflight response.
This is on my development machine using TMS Web Core. I emailed TMS support, and they weren't much help 😞
My hunch is that Rad Server doesn't understand a-access-token, and responds accordingly.
Any input would be appreciated!
John