7

I'm trying to get CORS working for a new version of our SOAP web service (which runs under HTTPS and has username/password authentication) which can be connected to via JS.

At the moment I'm getting it working fine locally (not cross-domain) but soon as it is using a different domain I get the following from the WCF Traceviewer. (400 Bad Request in IIS7)

<ExceptionString>System.Xml.XmlException: The body of the message cannot be read because it is empty.</ExceptionString>

It seems it's not even getting to the part where my message inspector runs to add the appropriate CORS headers.

Has anyone experienced this before or managed to get CORS to work under a HTTPS SOAP service?

I'd appreciate any advice you can give.

Cheers, Jamie

Jamie
  • 876
  • 1
  • 10
  • 28
  • Nobody have any ideas? – Jamie Jul 26 '13 at 07:53
  • 1
    Have you reviewed and tried solutions from this [SO: enabling cross-origin resource sharing on IIS7](http://stackoverflow.com/questions/12458444/enabling-cross-origin-resource-sharing-on-iis7) – Petar Vučetin Jul 29 '13 at 16:02
  • make sure any non GET/POST methods are explicitly allowed by content-orign-allow-methods. i remember webDAV using propget, and search, not sure about other SOAPs... – dandavis Jul 29 '13 at 21:08
  • Thanks for the responses. Peter - Yes I've enabled that in my server config and modified the IIs settings. I'm getting both 400 in Firefox/Chrome, but due to the bug in Chromium it is sending the request afterwards (which works), so I assume it's just getting past the preflight requests, though it definitely isn't getting into my code. – Jamie Jul 30 '13 at 06:47

1 Answers1

1

Actually you can do this only implement the response custom header per request like this.

Response.AppendHeader("Access-Control-Allow-Origin", "*");

There are more ways to do this. You can only chooise is. Do you look the enabling cross domain access on wcf articles? Implemented a project used wcf service from wcf and wcf service hosts on cross domain. You can use jsonp with webhttp binding. example answer is here;

Cross Domain jQuery Ajax Request & WCF REST Service

or you can implement configuration like this:

<system.webServer>
 <httpProtocol>
  <customHeaders>
   <add name="Access-Control-Allow-Origin" value="*" />
  </customHeaders>
 </httpProtocol>
</system.webServer>

For best way to implement/enabling cors please check the enable-cors.org site. i can found easyly that link.

http://enable-cors.org/server_wcf.html

At least you can use jsonp instead of json. its free you but difficult to handle.

I wonder what you chooise it.

Community
  • 1
  • 1
Omer Faruk Zorlu
  • 371
  • 1
  • 18
  • I'm using SOAP as it's an existing service. If this was REST or JSON it would probably be a lot easier. I've already looked at the enable-cors site with no success, so I imagine the issue is to do with security. – Jamie Aug 26 '13 at 09:31
  • OK, can you tried create a proxy service like a myproxy.svc(same site where to javascript files run or cors enabled site) and call via js corsenabledsite.com/myservice/requestToRealService or myservice/requestToRealService. in requestToRealService you can call service on your server. – Omer Faruk Zorlu Aug 04 '14 at 21:21