Servicestack Options 404 and Cors Origin

Question

I am doing a cors request from my

client: http://mypcname.companyname

to the servicestack

server: http://mypcname.companyname:83/customersInformation

Thats the request with javascript superagent library:

superagent.get(requestUrl)
          .set('Authorization', "basictoken " + getToken())
          .set('Accept', 'application/json')
          .end(function (response) {


          });

This get request works totally fine with the Web API! So the problem can not be the client side in my opinion.

Thats my service stack setup:

Plugins.Add(new CorsFeature(allowedOrigins: Settings.Default.SmartAllowedCorsOrigin, allowCredentials: true, allowedHeaders: "Content-Type, Authorization"));
RequestFilters.Add((httpReq, httpRes, requestDto) =>
{
    if (httpReq.HttpMethod == "OPTIONS")
    {
        httpRes.End();
    }

});

That is how I have setup the class with the customersInformation data:

[Route(RouteTemplate,"GET, OPTIONS",...)]

Since I use the options request filter from above the option 404 error is gone but now I have something even worse...:

OPTIONS http://mypcname.companyname:83/customersInformation Origin http://mypcname.companyname is not allowed by Access-Control-Allow-Origin.

What do I have to do on server side to make the cors finally working?

UPDATE

As Answer to mythz question getting the respone header data:

This is the raw data I get as response from the server using the default values on cors plugin: (fiddler raw tab)

HTTP/1.1 200 OK
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 29 Oct 2013 10:04:48 GMT
Content-Length: 0

error in google chrome:

OPTIONS http://mypcname.companyname:83/customersInformation Origin http://mypcname.companyname is not allowed by Access-Control-Allow-Origin.

The Get method which should be called after the options (thats at least my expectation) is never hit probably due to the cors origion error and because not even the OPTIONS is allowed which happens before.

UPDATE 2

Request to the server:

OPTIONS http://mypcname.companyname:83/customersInformation HTTP/1.1
Host: mypcname.companyname:83
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Access-Control-Request-Method: GET
Origin: http://mypcname.companyname
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Access-Control-Request-Headers: accept, authorization, x-requested-with
Accept: */*
Referer: http://mypcname.companyname/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4

What error, the **404**? If that's the case there's no matching `[Route]` that allows `OPTIONS` requests. [This answer shows how to use a Raw HttpHandler](http://stackoverflow.com/a/19500037/85785) to get it to auto handle all OPTIONS requests, including non-matching routes or routes that don't exist. — mythz, Oct 29 '13 at 08:49
by the way you're meant to use `httpRes.EndRequest()` not `httpRes.End()`. — mythz, Oct 29 '13 at 08:52
No no I do not get the 404 that one is gone after I used the RequestFilters. I get the very last error from above: OPTIONS http://mypcname.companyname:83/customersInformation Origin http://mypcname.companyname is not allowed by Access-Control-Allow-Origin. — HelloWorld, Oct 29 '13 at 08:53
I can't tell what values you're using and what the response is. Did you try just using the default values, e.g `Plugins.Add(new CorsFeature());`? If that doesn't work (and you've changed it to use httpRes.EndRequest()), can you post the full HTTP Response headers (using web inspector) and the exact error you're getting (e.g. with a screenshot if necessary). — mythz, Oct 29 '13 at 08:59
I have done an update on my init question with the info you wanted. — HelloWorld, Oct 29 '13 at 10:15
Screenshots of WebInspector would've been better as we could tell what request created the response. If it's the full response header and it's not showing that there are no CORS headers emitted, have you changed the RequestFilter to use `httpRes.EndRequest()` as mentioned earlier? — mythz, Oct 29 '13 at 10:18
I changed the RequestFilter to use httpRes.End() the EndRequest does not exist. Is this just a grammar from you? Before you said a screenshot is not really needed.I can not show you a screenshot because It has url + data/names which I can not expose to the public if you understand that please. I have updated in 1 minute the question again with the raw data of the request. — HelloWorld, Oct 29 '13 at 10:24
It is [important that you use httpRes.EndRequest()](http://stackoverflow.com/a/19034751/85785) it's an extension method in the `ServiceStack` namespace. Please don't ignore instructions like this, it wastes everyone's time and I've already mentioned to change it a number of times. — mythz, Oct 29 '13 at 10:30
Thank you for the extension hint. I am the client side guy fixing something for the server guy which is away please do not blame me I do not follow your anouncements ;-) When I add the ServiceStack namespace and try to build it wants the system.web 2.0 assembly. When I try to install .net 2.0 framework it says its already installed but thats not true there is no such 2.0 framework folder, thats another question for SO then I will return here and report wether your hint worked/not :) I use resharper but it did not suggest the extension fix here... — HelloWorld, Oct 29 '13 at 11:17

Servicestack Options 404 and Cors Origin

0 Answers0

Linked