Strategic Software Consultant

I'm the partner of choice for many of the world's leading enterprises. I help businesses elevate their value through solution discovery, software development, design, QA, and consultancy services. As your Strategic Software Consultant, I work across many technology products and delivery teams. The scope of technology is broad, and it is my job to understand how your technology applications holistically support and connect to create a sustainable technology ecosystem. The ecosystem of technologies may span to 3rd party applications, in-house developed solutions, business intelligence, data integrations, and of course, SaaS applications.

Oracle Certified Specialist
B2C Service REST API Oracle B2C Service Oracle Intelligent Advisor

Oracle B2C CORS Error

Access to XMLHttpRequest at 'https://example.custhelp.com/services/rest/connect/1.4/' from origin 'https://example-oia.custhelp.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Set Config verb PAPI_CORS_DOMAIN_LIST

CORS HeaderPurposeConfiguration Setting NameConfiguration Setting Values
Access-Control-Allow-OriginProvides a comma-separated list of trusted origins from which a client application can access resources.PAPI_CORS_DOMAIN_LISTValid values for allowed origins:URL of the specific origin. For example, http://www.yourdom.comComma-separated list of origins. For example, http://www.yourdom.com, http://adc6160507.osvc.com, http://software.dzhuvinov.comEmpty (no value set), that prevents access to resources from any origin.Note:Default is blank.Asterisk (*) is not supported in this configuration, If an ‘*’ is present in the configuration, even as part of a URL, the configuration value is considered invalid and CORS support is disabled. You must set a value for this configuration setting to enable CORS.
Access-Control-Max-AgeSpecifies how long the response to a preflight request is cached.PAPI_CORS_MAX_AGEDefault is 3 seconds. Maximum is 31 seconds.

https://docs.oracle.com/en/cloud/saas/b2c-service/21d/cxsvc/c_osvc_configure_for_cors.html

Leave a comment

Your email address will not be published. Required fields are marked *