2

I'm making a call to the contextBroker and it gives me this error.

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access. The response had HTTP status code 405.

From postman or from freeboard I do not get any of this.

  getContextBroker(){
    console.log("Consumimos el servicio getContextBroker");
    let headers = new Headers ({'Accept': 'application/json', 'Fiware-Service': 'x', 'Fiware-ServicePath': '/x', 'Access-Control-Allow-Origin': '*'});
    let options = new RequestOptions ({headers : headers});
    return this._http.get(this.urlcontextBrokers, {headers : headers}).map(res => res.json());
  }

}

how can I solve that?

I've tried adding: 'Access-Control-Allow-Origin': '*'

But it still does not work

EDIT:

ps ax | grep contextBroker:

 862 pts/4    S+     0:00 grep contextBroker
 3792 ?        Ssl   27:35 /usr/bin/contextBroker -port 1026 -logDir /var/log/contextBroker -pidpath /var/run/contextBroker/contextBroker.pid -dbhost localhost -db orion -multiservice -logAppend

version:

{
    "orion": {
        "version": "1.7.0",
        "uptime": "12 d, 18 h, 24 m, 20 s",
        "git_hash": "e544780eb64a4a2557c1f51dde070b8d82b86c49",
        "compile_time": "Wed Feb 8 13:30:24 CET 2017",
        "compiled_by": "fermin",
        "compiled_in": "centollo"
    }
}

EDIT02

Hello, as I said, I do not want to use the cors, I have eliminated that from the header in such a way:

   getContextBroker () {
     console.log ("We consume the getContextBroker service");
     let headers = new Headers ({'Accept': 'application / json', 'Fiware-Service': 'IoFAlmeria', 'Fiware-ServicePath': '/ ARMpalmerillas'});
     let options = new RequestOptions ({headers: headers});
     return this._http.get (this.urlcontextBrokers, {headers: headers}). map (res => res.json ());
   }

}

and I keep giving the same error:

OPTIONS http: // XXX: 1026 / v2 / entities / 405 (Method Not Allowed)
Failed to load http: // XXX: 1026 / v2 / entities /: Response to preflight request does not pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http: // localhost: 4200' is therefore not allowed access. The response had HTTP status code 405.

it has to be the problem of the fiware API since I have designed one with nodejs and I have no problem changing the URL

Update: 

Limpiando repositorios:base epel extras fiware mongodb-org-3.2
                     : mysql-connectors-community mysql-tools-community
                     : mysql57-community nodesource updates
Limpiando todo
Cleaning up list of fastest mirrors
[root@UAL-IoF2020 ~]# yum install contextBroker
Complementos cargados:fastestmirror, refresh-packagekit, security
Configurando el proceso de instalación
Determining fastest mirrors
epel/metalink                                            |  25 kB     00:00     
 * base: ftp.uma.es
 * epel: ftp.uma.es
 * extras: ftp.uma.es
 * updates: ftp.uma.es
base                                                     | 3.7 kB     00:00     
base/primary_db                                          | 4.7 MB     00:00     
epel                                                     | 4.7 kB     00:00     
epel/primary_db                                          | 6.0 MB     00:00     
extras                                                   | 3.4 kB     00:00     
extras/primary_db                                        |  29 kB     00:00     
fiware                                                   |  951 B     00:00     
fiware/primary                                           |  45 kB     00:00     
mongodb-org-3.2                                          | 2.5 kB     00:00     
mongodb-org-3.2/primary_db                               |  78 kB     00:00     
mysql-connectors-community                               | 2.5 kB     00:00     
mysql-connectors-community/primary_db                    |  18 kB     00:00     
mysql-tools-community                                    | 2.5 kB     00:00     
mysql-tools-community/primary_db                         |  38 kB     00:00     
mysql57-community                                        | 2.5 kB     00:00     
mysql57-community/primary_db                             | 139 kB     00:00     
nodesource                                               | 2.5 kB     00:00     
nodesource/primary_db                                    |  51 kB     00:00     
updates                                                  | 3.4 kB     00:00     
updates/primary_db                                       | 6.4 MB     00:00     
El paquete contextBroker-1.7.0-1.x86_64 ya se encuentra instalado con su versión más reciente
Nada para hacer
Manolait
  • 353
  • 2
  • 11
  • Could you edit your question to include information about how Orion runs? I mean `ps ax | grep contextBroker`. In addition, include also Orion version, i.e. `contextBroker --version | head -n 1`. Thanks! – fgalan Jan 30 '18 at 17:49
  • Edit post @fgalan with the required information – Manolait Jan 31 '18 at 08:23

2 Answers2

2

CORS requests are only supported by Orion Context Broker version 1.10 and above.

As @JoseManuelCantera has pointed out, you do not need to add any CORS specific headers to your request, those are handled by your client (browser, Postman etc.)

You need to:

  1. Upgrade your version to 1.10
  2. Start Orion in CORS mode

You can start Orion in CORS mode for any origin (Orion will accept CORS requests from any origin) as below:

contextBroker -corsOrigin __ALL

Please take a look at the CORS documentation for Orion for more information.

UPDATE

Please allow me to shortly explain CORS pre-flight logic. If your request is not a simple request, your browser will do a pre-flight request prior to yours with the OPTIONS method. If Orion is not started in CORS mode, you will always get method not allowed as a response to your non-simple requests.

So what is the problem, why are you getting different results with different clients? Postman (curl etc.) does exactly what you want it to do and sends the requests as you have configured. It does not check if the request you are sending should be pre-flighted or not.

On the other hand, your browser does check your request and do a pre-flight if necessary. You have no control over this other than modifying your request.

The Javascript framework you are working with is probably adding a header to the request rendering it a "non-simple" request. For example: X-Requested-With. Please see this question.

My suggestion is to take a look at the details of the request your browser sends (headers, methods etc.) and see what makes it a non-simple request. Then do the necessary changes on your js code to make sure your request falls within the scope of simple requests.

Having said that, you will need to upgrade your Orion version eventually since for example, a DELETE request is never going to be treated as a simple request when sent over a browser.

McMutton
  • 905
  • 13
  • 25
  • El paquete contextBroker-1.7.0-1.x86_64 ya se encuentra instalado con su versión más reciente Nada para hacer – Manolait Jan 31 '18 at 15:52
  • Hello, my idea is not to add that header but as it gave me a poor error, I added: Access-Control-Allow-Origin ':' * ' I will try updating, but my idea is not to use any of that, it's just being able to consult the api – Manolait Jan 31 '18 at 15:56
  • Have you checked [this](http://fiware-orion.readthedocs.io/en/1.10.0/admin/install/index.html#upgrading-from-a-previous-version) documentation for upgrading the version? Also, what was your method of installing Orion the first time? – McMutton Jan 31 '18 at 16:01
  • but my question is why it is necessary to use the CORS, if in postman and in freeboard if I work the http: // xxx: 1026 / v2 / entities and not here. to update use: yum install contextBroker – Manolait Jan 31 '18 at 16:24
  • In this post https://stackoverflow.com/questions/24331330/how-to-configure-system-to-use-the-fiware-yum-repository/24510985#24510985 is not version 1.10 where can I find the updated repository that contains that version. – Manolait Jan 31 '18 at 16:56
  • Please see my update for your question. For installing the latest version, you can always do a source build. – McMutton Jan 31 '18 at 17:26
  • thanks for the explanation I'm downloading the new version from here: github.com/telefonicaid/fiware-orion/releases/tag/1.10.0 but when I try to do the MAKE it gives me this error: ./ scripts / build / compileInfo.sh - fatal release: Not a git repository (or any of the parent directories): .git – Manolait Feb 01 '18 at 08:45
  • Please follow [this guide](https://github.com/telefonicaid/fiware-orion/blob/master/doc/manuals/admin/build_source.md) for source build instructions. I have just tried a fresh installation on Centos 7 following this guide and it worked fine except Google Test/Mock installation. You can skip that part. – McMutton Feb 01 '18 at 09:42
  • my version of centos is 6.9. it's compatible ? – Manolait Feb 01 '18 at 09:49
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/164323/discussion-between-mcmutton-and-manolait). – McMutton Feb 01 '18 at 09:57
  • Hi, forgive me for bothering you but I have a doubt. Tonight the server was restarted and the contextBroker was turned off until I put the command you told me: contextBroker -corsOrigin __ALL Is it possible to start contextBroker automatically? – Manolait Feb 02 '18 at 10:37
  • This did not solve my issue. @McMutton please can you review my question? https://stackoverflow.com/questions/57491353/context-broker-preflight-options-request – Charlie Aug 14 '19 at 08:57
  • Hey @Charlie, I am sorry for the late reply, I see that you were able to solve the problem, cheers! – McMutton Aug 30 '19 at 12:58
0

I think you need to upgrade to version 1.10 so that you can use CORS.

You do not need to add any header ;) and actually the Access-Control-Allow-Origing header is sent in the server response not by the client request

Jose Manuel Cantera
  • 853
  • 4
  • 4
  • Hello, my idea is not to add that header but as it gave me a poor error, I added: Access-Control-Allow-Origin ':' * ' I will try updating, but my idea is not to use any of that, it's just being able to consult the api – Manolait Jan 31 '18 at 15:41
  • El paquete contextBroker-1.7.0-1.x86_64 ya se encuentra instalado con su versión más reciente Nada para hacer – Manolait Jan 31 '18 at 15:51
  • Mi ingles no es muy bueno te dejo aquí mi duda. Simplemente estoy haciendo un GET. Desde postman y freeboard me funciona perfecto, pero desde mi cliente con angular4 me da ese error. no quiero usar el CORS simplemente que me da ese error cuando lanzo la consulta. ¿cual es el problema? He añadido eso en mi cabecera para ver si se soluciona. pero sigue igual – Manolait Jan 31 '18 at 16:59
  • Entiendo que estás realizando la instalación via paquete RPM. Desafortunadamente, por lo que veo en http://repositories.lab.fiware.org/repo/rpm/6/x86_64 creo que FIWARE dejó de publicar los paquetes superiores a Orion 1.7.0. Tendrás que instalar Orion 1.10.0 por otras vias... – fgalan Jan 31 '18 at 20:10
  • Estoy descargando la versión nueva de aquí: https://github.com/telefonicaid/fiware-orion/releases/tag/1.10.0 pero cuando intento hacer el MAKE me da este error:./scripts/build/compileInfo.sh --release fatal: Not a git repository (or any of the parent directories): .git – Manolait Feb 01 '18 at 08:42
  • Siendo un tema lateral (i.e. "Instalación de Orion 1.10.0 desde las fuentes") te recomendaría abrieras un nuevo post de pregunta y lo tratamos ahí. – fgalan Feb 01 '18 at 12:05
  • use the Docker Container in the meantime – Jose Manuel Cantera Feb 01 '18 at 12:30