Cors Access-Control-Allow-Origin

[pbrad]

Hi,
I am trying to consume an AwareIM rest service from a mobile application and am receiving the following error on submission:

Code: Select all

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://xxxxxxxxx/REST/xxxxxxxx/VesselTokenRequest. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

From my research, I need to add an appropriate header via the web.xml document but am having no luck. Has anyone out there ever struggled with this same issue and found a solution that they would be willing to share?

[Rennur]

Have you tried adding all cors filter parameters to Tomcat's web.xml config file?
Documentation:
https://tomcat.apache.org/tomcat-8.5-doc/config/filter.html#CORS_Filter

[pbrad]

Thanks for your reply, yes that is what I was fighting with, I did end up getting it working in the end. I am pushing the envelope a bit by creating a custom offline first progressive mobile web app that uses native js for the front end, pouchdb/couchdb to provide the offline/online db access with live time syncing when internet access exists and AwareIM back-end rest services for handling some of the common stuff like user authentication, shared account access, email and push notifications etc... I just finished an AwareIM Hybrid desktop/mobile app which is great as far as it goes but now I can create robust mobile apps that work seamlessly offline while still being able to tap into the power and flexibility of AwareIM, pretty cool stuff.

[hpl123]

Thanks for your reply, yes that is what I was fighting with, I did end up getting it working in the end. I am pushing the envelope a bit by creating a custom offline first progressive mobile web app that uses native js for the front end, pouchdb/couchdb to provide the offline/online db access with live time syncing when internet access exists and AwareIM back-end rest services for handling some of the common stuff like user authentication, shared account access, email and push notifications etc... I just finished an AwareIM Hybrid desktop/mobile app which is great as far as it goes but now I can create robust mobile apps that work seamlessly offline while still being able to tap into the power and flexibility of AwareIM, pretty cool stuff.

That sounds awesome pbrad, can you share more details about this you think? A couple of things I would like to know if you can answer:

- How did you build the mobile app? Did you use some JS mobile framework/library or did you set together various stuff/components etc yourself?
- You do the sync mobile DB to Aware DB via REST?
- How do you handle local mobile business rules/logic e.g if you have various rules related to application (entire application so web/mobile), have you built these in "both" apps then?
- Is the entire app built in "both" places i.e all web desktop functionality for your app is in "both" apps or have you just a sync of some shared app tables etc. and/but different functionality in the two apps?
- What can you do in the mobile app that you couldn't do in the Aware mobile version?
- Can you share screenshots of the app?
- This is a mobile webapp still or will you also be able to compile it to native IOS/Android?
- With your experience doing this, what do you think Awaresoft could/should do to further develop the Aware mobile app solution to enable more app functionality, integrations etc.?

Thanks

[pbrad]

Hi,
Okay, so I guess that my post was a little misleading. I have just finished a true AwareIM native mobile app and so I am pretty familiar with what can be done right now and what can't be done. For my next project because of the need to have more robust and seamless offline capabilities, better access to device functionality and partially because of some of the challenges that I had getting approval in the IOS app store I decided to develop the core application in something other than AwareIM and to utilize AwareIM to fill in some of the gaps.

Because I have always been a strong believer in RAD tools and also because I am by no means a full-stack javascript developer I researched the various RAD tools for creating progressive web apps that are currently out there. I ended up selecting one out of Spain (https://www.davidesperalta.com/appbuilder). It is a different paradigm to AwareIM and is not a competing product but I think that sometimes you have to go with the right tool for the right job. I am still fairly early in the dev cycle on this one but I have the rest integration working and the offline/online syncing working with PouchDB and have clarity on where I am heading with everything. The finished application will be hybrid in that AwareIM will provide part of the solution and the native js mobile app will handle the stuff at the client level that it can (which is most of it). Where necessary I plan on using rest to keep certain data in sync between the app and AwareIM.

With respect to where I think that AwareIM should head with respect to mobile development. I think that for me, the need for offline authorization and data access was a deal breaker. The current offline capabilities of AwareIM are really not ready for prime time. I will continue to develop in AwareIM and will certainly use it for mobile web access but in this case I couldn't see a way to use the current product to get me where I needed to go. Other than that, the advances that Vlad has made in mobile development within AwareIM make it a totally viable method of creating mobile apps. I did find however, that Apple did not like the 'out-of-the-box' deployment model and forced me into getting a little creative with how the app is displayed.

Cheers,
Pete

[ACDC]

Hey Pete,

I ended up selecting one out of Spain (https://www.davidesperalta.com/appbuilder)

This seems very interesting, also the pouchdb/couchdb setup and sync capabilities of the DB with Awareim in the mix
Only problem the tutorials are sparse. I am trying to get my head around the concept. Do you have a suggestion on where to start


Anthony

[Jaymer]

it does seem interesting,
problem is the guy won't help you AT ALL without buying a product - and then you get access to a forum.
i'm worried you only get access to the forum for the product you purchase (ie. you can't just but the $25 product for help on AppBuilder) - so you MUST PAY to get any types of Qs answered.

I installed everything and built a APK for android, but yahoo mail thinks its a virus (was trying to send it to myself from my MS azure server).
Also, I tried several samples - more than 1 have cryptic errors.
No clue how to go about fixing them.

1 was a http POST that I changed to a GET and moved to a known working URL, but when running it just says "HTTP ERROR". WTF?
His DecSoft preview sample doesn't even run correctly.
He HAS answered 2 emails, but trying to make this guy understand might be a lost cause.

To Vlad's credit, he helped me when I 1st started - was on skype and walked me thru stuff shortly after installing the trial. thats cool.
This guy tho - he's gotta change his tune.

[T0M]

Had a few questions as well..
emailed him on Friday evening (he's sitting in Spain, so we have the same GMT offset.)

To my surprise, got a reply 2 minutes later.

This eventually turned into a very friendly and helpful "email-livechat".


The forums seem to be read only for lurkers. So only customers are able to post. And the trial? version (no time limit) is free to download and play with.

I had a very good overall first impression.

[Jaymer]

sure, I get fast email response also.
here's his reply to me:

Hello Jaymer,
Thanks for contacting. Please, sorry any possible inconvenience.
Honestly, I think that you must try to search a possible alternative for AB.

Always at your service,

David Esperalta
Freelance Software Developer
https://www.davidesperalta.com/

How can he be "always at my service" when I send him screenshots of 3 sample programs that crap out with errors.
maybe this line pissed him off:

because if you are so reluctant to help someone adopt to your system BEFORE you have their money, then why will you be MORE responsive after you already get paid?

jaymer...

[pbrad]

Hi,
I realize that this is an AwareIM forum and it wasn't my intention to promote Decsoft although I have found David to be extremely helpful. I am a loyal fan of AwareIM and have been for a longer period than most. I was just saying that DecSoft was the one that I settled on for this type of application and could see a way that it could play nicely with AwareIM. Wrt to samples, I would just Google pouchdb examples, there are some really good ones available and it is easy to deploy. Here are a couple of good urls: https://pouchdb.com/getting-started.html
https://www.tutorialspoint.com/pouchdb/
https://codepen.io/astol/pen/qbbOXE

Cheers,
Pete

[Jaymer]

i've gone down the exact same path as you...
CORS issues, then
POST variables not being sent
and something really squirelly - i'll make a change and ctrl-F9 and it "wont take" - I was trying to do a simplepost, and getting empty vars - commented that line, added a simpleget, and yet the post kept happening.
Even quit and restarted the product. Not until I got that "unresolved NewView1" error, and then eventually got outta that loop, did it start doing my "new code" and then the simpleget worked. but I still can't POST vars - the body is blank. I get a 200 status returned because NodeJS really got a POST, but inspecting the ENTIRE message shows empty BODY. saying this product is immature is an understatement.
it has great promise - but geez, its been around more than 2 years and its still crap.
if this guy'd get his shit together he might have someone big buy his company.
if there was another product similar to this (and maybe there is) that lets us do the GETs & POSTs and can easily build screens, it would be great to get data from Aware. Hopefully there are other devs out there working on tools like this. and its just a matter of time.

[Jaymer]

got my AppBuilder issue solved.
On the SEND button on the form, in the code, I needed

HttpSetHeader "HttpClient1" "Content-Type" "application/x-www-form-urlencoded"

In HttpForm example, this line was commented out. Setting this now gave Post variables values.

So now, if I choose, I can have a native Android/iOS app which can collect data and then post via REST to Aware, or NodeJS to update SQL tables.
I'm not aware of which advantage (if any) there is to doing this in Appbuilder vs AwareIM.

[pbrad]

Sounds good. as mentioned, I am using it to provide robust offline capabilities, better integration with devices and auto-sensed db changes which can push whatever I want back and forth from AwareIM under whatever conditions I want to specify. For me, it is just one more tool in the toolbox but it is key to my current project.