cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Did you get called away in the middle of writing a post? Don't worry you can find your unfinished post later in the Drafts section of your profile page. X

CORS Exception while calling Windchill REST Services

amarjit
7-Bedrock

CORS Exception while calling Windchill REST Services

I am using Windchill PDMLink Release 12.0 and Datecode with CPS 12.0.2.8

CORS issue in the Windchill while calling the Windchill REST Services from an external application

Here are the errors that I faced
Access to fetch at 'https://plm-test.intra.infineon.com/Windchill/servlet/odata/v1/Infineon/IFXParts('1231231')' from origin 'https://portal-graviteeio-sbx.icp.infineon.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
6 REPLIES 6
DmitryC
14-Alexandrite
(To:amarjit)

Try looking at CORS filter in Windchill\tomcat\conf\web.xml

 

	<filter>
		<filter-name>CorsFilter</filter-name>
		<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
		<init-param>
			<param-name>cors.allowed.origins</param-name>
			<param-value>null</param-value>
		</init-param>
		<init-param>
			<param-name>cors.allowed.methods</param-name>
			<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
		</init-param>
		<init-param>
			<param-name>cors.allowed.headers</param-name>
			<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
		</init-param>
		<init-param>
			<param-name>cors.exposed.headers</param-name>
			<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
		</init-param>
		<init-param>
    <param-name>cors.support.credentials</param-name>
    <param-value>true</param-value>
		</init-param>
		<init-param>
			<param-name>cors.preflight.maxage</param-name>
			<param-value>10</param-value>
		</init-param>
	</filter>
	
	<filter-mapping>
		<filter-name>CorsFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

 

 

Kind regards,

Dmitry

amarjit
7-Bedrock
(To:DmitryC)

Thanks for your response.

Is the CORS exception need to be enabled in the Windchill\tomcat\conf\web.xml or the Windchilll\codebase\WEB-INF\web.xml 

Hello amarjit,

Can you review kb article https://www.ptc.com/en/support/article/CS378185 ?

KR,

Charles.

Hello amarjit,

Were the information provided helpful somehow ?

KR,

Charles.

DmitryC
14-Alexandrite
(To:amarjit)

Windchill help file suggest editing <Windchill_Home>\codebase\WEB-INF\web.xml 

 

As for me, I've struggled a lot a few years ago and managed to make it work by editing tomcat configuration directly and I'm certainly won't touch anything now unless it breaks 😃

Hi, I also struggled long with the cors topic. Until I finally found the problem.

 

        <filter-name>ContentCorsFilter</filter-name>
        <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
        <init-param>
            <param-name>cors.allowed.origins</param-name>
            <param-value>http://localhost:4200</param-value>
        </init-param>
        <init-param>
            <param-name>cors.support.credentials</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.methods</param-name>
            <param-value>GET,POST,OPTIONS</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.headers</param-name>
            <param-value>Content-Type,X-Requested-With,Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
        </init-param>
    </filter>
    <filter>
        <filter-name>ContentHttpHeaderSecurityFilter</filter-name>
        <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
        <init-param>
            <param-name>antiClickJackingOption</param-name>
            <param-value>ALLOW-FROM</param-value>
        </init-param>
        <init-param>
            <param-name>antiClickJackingUri</param-name>
            <param-value>http://localhost:4200</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>ContentCorsFilter</filter-name>
        <url-pattern>/servlet/WindchillAuthGW/wt.content.ContentHttp/viewContent/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.master.StandardMasterService/doDirectDownload/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.replica.StandardReplicaService/doDownload/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.replica.StandardReplicaService/doIndirectDownLoad/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.uploadtocache.DoUploadToCache_Server/doUploadToCache_Master</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.uploadtocache.DoUploadToCache_Server/doUploadToCache_Replica</url-pattern>
    </filter-mapping>
    <filter-mapping>
        <filter-name>ContentHttpHeaderSecurityFilter</filter-name>
        <url-pattern>/servlet/WindchillAuthGW/wt.content.ContentHttp/viewContent/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.master.StandardMasterService/doDirectDownload/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.replica.StandardReplicaService/doDownload/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.replica.StandardReplicaService/doIndirectDownLoad/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.uploadtocache.DoUploadToCache_Server/doUploadToCache_Master</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.uploadtocache.DoUploadToCache_Server/doUploadToCache_Replica</url-pattern>
    </filter-mapping>

 

 My problem was, that the tag cors.allowed.headers did not have the appropriate header information in it. This is just missing in the WNC help.

Access-Control-Allow-Origin,Access-Control-Allow-Credentials

Adding the above entries to the codebase/WEB-INF/web.xml  solved all my CORS problems.

Announcements


Top Tags