Focal Point Banner
Community Center Education Summit Technical Support User Groups
Let's Get Social!

Facebook Twitter LinkedIn YouTube
Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] Enable embedding Fintoso App - CORS Issue
Go
New
Search
Notify
Tools
Reply
  
[CLOSED] Enable embedding Fintoso App - CORS Issue
 Login/Join
 
Member
posted
Hi,

I am working through the embedding of Fintoso app as per docs. Currently I am getting below two errors -
1) Refused to apply style from 'http://localhost:3000/ibi_apps/logon/resources/S88_15556327241F/wfelogon.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
2) Refused to display 'http://localhost:3000/ibi_apps/logon/resources/markup/blank.html' in a frame because it set 'X-Frame-Options' to 'deny'.

Pls help. We do not see the configuration for 'X-Frame-Options in the Admin Console anymore. I believe it does not exist anymore.

This message has been edited. Last edited by: FP Mod Chuck,
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
Pls correct the typo in the heading -
*Enable embedding Fintoso App - CORS Issue
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Expert
posted Hide Post
You can edit the title by editing your first post.


Waz...

Prod:WebFOCUS 7.6.10/8.1.04Upgrade:WebFOCUS 8.2.05OS:LinuxOutputs:HTML, PDF, Excel, PPT
In Focus since 1984
Know The Code

 
Posts: 6080 | Location: Land of the Darug people, Terra Australis Incognita | Registered: October 31, 2006Reply With QuoteReport This Post
Member
posted Hide Post
Thanks, I updated it. Any suggestions on the errors I am seeing
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
You can enable the CORS setting in the Admin console.

Launch Administration Console.
Configuration Tab
Application Settings --> Filters

Cross site Scripting Protection --> Choose False from the Drop down.
Also Uncheck
Cross site scripting Protection block.

Save the changes.

CORS should be enabled on both Web focus And the Application where you want to embed the portal.


WebFOCUS 8.2.04
AIX/UNIX/Windows, All Outputs
 
Posts: 9 | Registered: November 17, 2015Reply With QuoteReport This Post
Member
posted Hide Post
Initially we were getting CORS errors and updated the setting to enable it.
Now CORS error is gone, and we do see the response HTML, however, the page renders with below errors.
-
Refused to apply style from 'http://localhost:3000/ibi_apps/logon/resources/S88_15556327241F/wfelogon.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
about:blank:1 Refused to display 'http://localhost:3000/ibi_apps/logon/resources/markup/blank.html' in a frame because it set 'X-Frame-Options' to 'deny'.
about:blank:1 Refused to apply style from 'http://localhost:3000/ibi_apps/logon/resources/S88_15556327241F/menuJQ.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

And get below errors, when we put in user ffadv and click sign in
VM2124 about:blank:1 Uncaught ReferenceError: onLogonKeyPress is not defined
at HTMLInputElement.onkeypress (VM2124 about:blank:1)
onkeypress @ VM2124 about:blank:1
about:blank:1 Uncaught ReferenceError: Signin is not defined
at HTMLInputElement.onclick (VM2124 about:blank:1)
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
It looks like the web application is expecting same origin. Where do you embed the WebFOCUS portal? Is it .net or java application?


WebFOCUS 8.2.04
AIX/UNIX/Windows, All Outputs
 
Posts: 9 | Registered: November 17, 2015Reply With QuoteReport This Post
Member
posted Hide Post
This is a javascript application.
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
Create a html page in your local machine. and use your portal URL in iframe src.

Copy the code below.
 < !DOCTYPE html>
<html>
<body>

<iframe src="https://hostname/ibi_apps/bip/portal/Retail_Samples" style="border:0px #ffffff none;" name="myiFrame" scrolling="no" frameborder="1" marginheight="0px" marginwidth="0px" height="800px" width="1200px" allowfullscreen></iframe>

</body>
</html> 




if it works then the CORS Settings in Webfocus in good. You have to troubleshoot the setting in your java script application .

like add the header request ("Access-Control-Allow-Origin","*") .

This message has been edited. Last edited by: Satheesh Babu,


WebFOCUS 8.2.04
AIX/UNIX/Windows, All Outputs
 
Posts: 9 | Registered: November 17, 2015Reply With QuoteReport This Post
Member
posted Hide Post
Hi Sateesh,

So I modified the html with your iframe and I see the URL called is https://hostname/ibi_apps/signin.
Unable to figure out if the error is originating from Webfocus or local machine. I also tried changing chrome extension to allow cross origin as per below-
https://chrome.google.com/webs...dihlkkiljbi?hl=en-US

The error I see is -
Refused to display 'https://hostname/ibi_apps/signin' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

I tried adding header in html like below and still see the same error -
< !DOCTYPE html>
< html>
< head>
< meta http-equiv="Access-Control-Allow-Origin" content="*"/>
< /head>


<iframe src="https://hostname/ibi_apps/bip/portal/Retail_Samples" style="border:0px #ffffff none;" name="myiFrame" scrolling="no" frameborder="1" marginheight="0px"
marginwidth="0px" height="800px" width="1200px" allowfullscreen>


This message has been edited. Last edited by: sval,
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
In the browser access webfocus URL and login. Once the authentication is completed try to run the HTML page.


WebFOCUS 8.2.04
AIX/UNIX/Windows, All Outputs
 
Posts: 9 | Registered: November 17, 2015Reply With QuoteReport This Post
Member
posted Hide Post
[QUOTE]Originally posted by sval:
Below is the html page I have, currently this errors with invalid xml for the first POST method. If I change it to html, the page renders with previously mentioned errors.


< !DOCTYPE html>
< html>

< head>
< title>
< meta charset="utf-8" />
< script type="text/javascript" src="http://code.jquery.com/jquery-3.1.0.js">

<script type="text/javascript"
src="https://cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.4/jQuery.XDomainRequest.js">
<script type="text/javascript">
var csrf_name; var csrf_value;
var frameToBeWorkedOn = "#AjaxPlaceHolder";
var contentType = "application/x-www-form-urlencoded; charset=utf-8";

$(document).ready(function (IBIRS_action, IBIRS_userName, IBIRS_password) {
if (window.XDomainRequest)
contentType = "text/plain";
var method = "POST";
var webMethod = "https://hostname/ibi_apps/signin";
var IBIRS_action = "signOn";
var IBIRS_userName = "ffadv";
var IBIRS_password = "";
var parameters = 'IBIRS_action=' + IBIRS_action + '&IBIRS_userName=' + IBIRS_userName + '&IBIRS_password=' + IBIRS_password;

$.ajax({
type: "POST",
url: webMethod,
data: parameters,
dataType: "xml",
xhrFields: { withCredentials: true },
crossDomain: true,
contentType: contentType,
success: xmlParser,
error: function (jqXHR, textStatus, errorThrown) { alert("You can not send Cross Domain AJAX requests: XML " + errorThrown); }
})
});
function xmlParser(xml) {
$(xml).find("entry").each(function () {
if ($(this).attr("key") == "IBI_CSRF_Token_Name") { csrf_name = $(this).attr("value"); }
if ($(this).attr("key") == "IBI_CSRF_Token_Value") { csrf_value = $(this).attr("value"); }
});
runReport();
}

function runReport() {
if (window.XDomainRequest)
contentType = "text/plain";
var method = "POST";
var webMethod = "https://hostname/ibi_apps/portal/Fintoso/Fintoso_Financial";
var IBIRS_action = "signOn";
var IBIRS_userName = "ffadv";
var IBIRS_password = "";

$.ajax({
type: "POST",
url: webMethod,
data: parameters,
dataType: "html",
xhrFields: { withCredentials: true },
crossDomain: true,
contentType: contentType,
complete: function (xhr, status) {
$("AjaxPlaceHolder").html(xhr.responseText);
document.AjaxPlaceHolder.document.body.innerHTML = xhr.responseText;
},

error: function (jqXHR, textStatus, errorThrown) { alert("You can not send Cross Domain AJAX requests: XML " + errorThrown); }
})
}



< body>
< iframe id="AjaxPlaceHolder" name="AjaxPlaceHolder" style="border:0px #ffffff none;" name="myiFrame" scrolling="no"
frameborder="1" marginheight="0px" marginwidth="0px" height="800px" width="1200px" allowfullscreen>


< /html>
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
I am not sure how do you test this page. Lets try this step by step.
First step is to make sure the CORS is working.
1. Create Test portal in Webfocus
2. Create HTML Page in your desktop using below code.(do not use your page)

Replace the src with your portal url.
 
 < !DOCTYPE html>
<html>
<body>

<iframe src="https://hostname/ibi_apps/bip/portal/Retail_Samples" style="border:0px #ffffff none;" name="myiFrame" scrolling="no" frameborder="1" marginheight="0px" marginwidth="0px" height="800px" width="1200px" allowfullscreen></iframe>

</body>
</html> 
 


3. Open Browser and login to webfocus. The session will be established.
4. Now run the HTML page. If it works then you should be able to embed webfocus. If it is not working then your CORS settings are incorrect in the Web focus. You have to fix it in the admin console filter section.

If the above scenario is successful then you have to use your page to test it.

5. You have to deploy the page in web server (IIS or Tomcat) and run from there.
6. Your signon function URL is wrong . You are using Web focus login form instead of the Web service.

Change
var webMethod = "https://hostname/ibi_apps/signin";

to
var webMethod = "https://hostname/ibi_apps/rs/ibfs";


WebFOCUS 8.2.04
AIX/UNIX/Windows, All Outputs
 
Posts: 9 | Registered: November 17, 2015Reply With QuoteReport This Post
Member
posted Hide Post
I ran steps 1-4. And I get below error -
Refused to display 'https://hostname/ibi_apps/portal/Fintoso/Fintoso_Financial' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

We updated the filters and Cross-Origin settings. Is there any other admin setting we might have missed.
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
It confirms your CORS Settings are incorrect in the Webfocus.

https://ibb.co/k0jhKzJ

Please check your cors settings and compare it with the screenshot.if it is incorrect fix it and save and bounce the webfocus.


WebFOCUS 8.2.04
AIX/UNIX/Windows, All Outputs
 
Posts: 9 | Registered: November 17, 2015Reply With QuoteReport This Post
Member
posted Hide Post
We do have the yellow highlighted settings. However, below are different. Not sure if it effects it -
- Cross Site Request Forgery Protection = checked
- Cache Control Header = no-cache, max-age=0
- Expires Header = 0
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
I would also like to point out that when we paste below URL in browser -
https://hostname/ibi_apps/port...so/Fintoso_Financial

It routes to -
https://hostname/ibi_apps/signin

And after logging in with user/(blank) pwd it routes back to the Fintosio URL

Not sure if that is an issue.
 
Posts: 10 | Registered: June 06, 2019Reply With QuoteReport This Post
Member
posted Hide Post
If there is no active user session it will redirect to the sign in page. it is not an issue.
Cross site forgery settings nothing to do with CORS. have you tried restarting the Webfocus client after making the change?
if it still not working you may have to open a ticket with tech support.


WebFOCUS 8.2.04
AIX/UNIX/Windows, All Outputs
 
Posts: 9 | Registered: November 17, 2015Reply With QuoteReport This Post
  Powered by Social Strata  
 

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] Enable embedding Fintoso App - CORS Issue

Copyright © 1996-2018 Information Builders, leaders in enterprise business intelligence.