web stats
Mirth and Cross-origin resource sharing (CORS) - Mirth Community

Go Back   Mirth Community > Mirth Connect > Support

Reply
 
Thread Tools Display Modes
  #1  
Old 12-15-2014, 02:29 PM
ab2488587 ab2488587 is offline
OBX.1 Kenobi
 
Join Date: Nov 2014
Posts: 32
ab2488587 is on a distinguished road
Question Mirth and Cross-origin resource sharing (CORS)

I have a Mirth server processing RAW (stringified) JSON messages.
I am unable to POST JSON to Mirth if they're on different domains.
example:
Mirth is in a remote domain (A)
and I'm sending a message from my personal machine, localhost (B)

I'm POSTing with jQuery, and I'm getting errors related to 'same origin policy'.

Do I have to specify anything in Mirth in order to allow for this?
Or is it the way I'm sending the message that needs refinement?
I've tried to add the following headers to Mirth without success.


TL,DR: How should I be POSTing and handling cross-domain JSON with Mirth?
Reply With Quote
  #2  
Old 12-16-2014, 06:59 AM
ab2488587 ab2488587 is offline
OBX.1 Kenobi
 
Join Date: Nov 2014
Posts: 32
ab2488587 is on a distinguished road
Wink

I found out why I was not able to send a message.
I was defining (Mirth's) URL in my JS code has:
var url = 'remote.location:82';

The proper way to do it is:
var url = 'http:\\remote.location:82';
Or 'https:\\' depending on your setup.

The response header 'Access-Control-Allow-Origin' is still needed on Mirth's side though.
Otherwise it will not work.
Reply With Quote
  #3  
Old 12-16-2014, 07:10 AM
narupley's Avatar
narupley narupley is offline
Mirth Employee
 
Join Date: Oct 2010
Posts: 7,126
narupley is on a distinguished road
Default

If the browser/server you're connecting from follows the standard same-origin policy for web applications, then yes cross-domain requests may be blocked. However Mirth Connect HTTP Listeners do not care what sort of request comes in; it's simply a white-slate server you can do whatever you need to with. That said, if you're connecting from a browser using jQuery Ajax, then yes it's likely you'll need to include that CORS header to allow responses from the server.
__________________
Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

Nicholas Rupley
Work: 949-237-6069
Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.


- How do I foo?
- You just bar.

Last edited by narupley; 12-16-2014 at 07:24 AM.
Reply With Quote
  #4  
Old 12-16-2014, 07:38 AM
ab2488587 ab2488587 is offline
OBX.1 Kenobi
 
Join Date: Nov 2014
Posts: 32
ab2488587 is on a distinguished road
Default

Quote:
Originally Posted by narupley View Post
... That said, if you're connecting from a browser using jQuery Ajax, then yes it's likely you'll need to include that CORS header to allow responses from the server.
I was sending from a browser and I've confirmed that, without it, you can not perform a request. It does appear necessary, yes.

For reference (and because I don't want to mislead anyone) the actual correct way of doing it is like so:
var url = 'http://remote.location:82';

Chrome will take any barbaric syntax error you throw at it (like 'http:\\remote.location:82').
Firefox not so much.

Thanks for the insight though, narupley
Reply With Quote
Reply

Tags
cors, cross domain, json, post, same origin policy

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 01:17 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Mirth Corporation