Support of Cross-Origin Resource Sharing (CORS)

Have you ever created an HTTP data request only to get hit by a red “access to HTML request has been blocked by cors policy” error?

When your site is on the same domain as the web service server, there’s no problem. However, this isn’t the case when performing a cross-origin request. Access is denied due to browser security preventing HTTP requests to another domain. The result? A CORS policy error.

To help you explicitly allow certain cross-origin requests on your server, 4D now supports the CORS protocol. Accessing data with cross-origin requests just became easier!

The CORS protocol prevents web pages from being able to make requests to domains other than its own. But sometimes, you may need to allow other sites to make HTTP data requests to your server. Fortunately, 4D provides two ways to define the CORS rules and explicitly allow certain cross-origin requests:

  • via programming, or
  • through database settings.

manage cors via programming

You can enable CORS with two commands:

//CORS Domains Settings
:=New collection
$settings.push(New object("host";"";"methods";"get;put;post"))
$settings.push(New object("host";"";"methods";"get;post"))
//enable CORS
WEB SET OPTION(Web CORS enabled;1)
//CORS Domains Settings
WEB SET OPTION(Web CORS settings;$settings)
//start web server to apply CORS settings

$hostWS:=WEB Server(Web host database server)
$setting:=New object
//Enable CORS
//CORS Domains Settings
$setting.CORSSettings:=New collection
$setting.CORSSettings.push(New object("host";"";"methods";"get;put;post"))
$setting.CORSSettings.push(New object("host";""; "methods";"get;post"))
//start web server and apply CORS settings

manage CORS through database settings

New settings are available in the Settings > Web > Options (II) tab:

Just add the allowed domain names and available methods. When the server is next started, they’ll be used automatically.

Fabrice Mainguené
• Product Owner •Fabrice Mainguené joined 4D Program team in November, 2016. As a Product Owner, he is in charge of writing the user stories then translating it to functional specifications. His role is also to make sure that the feature implementation delivered is meeting the customer need.After obtaining a Bachelor degree in Computer Science at CNAM, Fabrice joined a small software publishing company as a Windev developer. Then he worked for different companies in industry and trade areas as a Windev and web developer as well as technical advisor on new features.