Skip to main content
S
17-Peridot
Sathishkumar_C17-Peridot
17-Peridot
June 15, 2019
Question

No 'Access-Control-Allow-Origin' - Thingworx 8.4/8.5

  • June 15, 2019
  • 1 reply
  • 8019 views

Hi @unknown ,

I am try get data from thingworx with HTTP POST request (JavaScript/HTML). But i am get an error like below,

 

Access to XMLHttpRequest at 'http://localhost:8080/Thingworx/Things?appKey=c0f49d05-d5a2-4d73-857e-4bc6ef7f89bf' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

 

I have updated "web.xml" file also enabled "Allow Request Method Switch" and "Allow Application key as URL Parameter". Still i am facing the same issue. Can i have a solution.?

 

 

Thanks.

1 reply

S
17-Peridot
Sathishkumar_C17-PeridotAuthor
17-Peridot
June 16, 2019

Anyone have answer for this? @tmisner 

T
tmisner16-Pearl
16-Pearl
June 17, 2019

Hello Sathishkumar,

 

Thank you for reaching out on the ThingWorx Developer Community.

 

Would it be possible to share the service code or further details on what data you are attempting to retrieve and more specifically how you are retrieving it?

 

I would also like to look at the web.xml file if you could provide it.

 

You are welcome to share these details in a private message if you would prefer.

 

Additionally, please investigate the details mentioned in CS229450 which covers the proper configuration of CORS on Tomcat with ThingWorx.

 

Regards,

Tyler Misner

ThingWorx Technical Support Engineer

    S
    17-Peridot
    Sathishkumar_C17-PeridotAuthor
    17-Peridot
    June 18, 2019

    Hi,

    I have mentioned below my html code and web xml, Please do the needfull.

    <html>
 <head>
 <meta charset="utf-8"/>
	<script>
		function httpGet()
		{
			//const theUrl = "http://192.168.0.53:8080/Thingworx/Things/test/Services/GetData?appKey=e359b63a-82b4-4a73-8f0f-6fa85bde51d0";
			const theUrl = "http://localhost:8080/Thingworx/Things/testthing/Services/test?appKey=e359b63a-82b4-4a73-8f0f-6fa85bde51d0";
			var xmlHttp = new XMLHttpRequest();
			xmlHttp.open( "POST", theUrl, false ); // false for synchronous request
			xmlHttp.setRequestHeader("Content-type", "application/json");
			xmlHttp.setRequestHeader("Accept","application/json");
			xmlHttp.setRequestHeader('Access-Control-Allow-Origin','Access-Control-Allow-Credentials');
			//var params = 'appKey=e359b63a-82b4-4a73-8f0f-6fa85bde51d0'
			xmlHttp.send();
			alert(xmlHttp.responseText)
			return xmlHttp.responseText;
		}
	</script>
	<script>
	function myFunction() {
	 alert("Hello! I am an alert box!");
	}
	</script>

 </head>
 <body>
	 <button onclick="httpGet()">Click me</button> 
	 <button onclick="myFunction()">Click me Test</button> 
 </body>
</html>
     
    Terms & ConditionsCookie settingsAccessibility statement