Hi ,

Iam trying to call the creatio custom apis from frontend application. It's is throwing cross-origin-reference error. I followed this link : https://community.creatio.com/articles/web-service-available-without-authorization-cors , still iam getting same issue. Is the issue with latest version? It was working earlier in 7.18 versions. 
Even i tried adding 'access-control-allow-origin' headers to api call

Is there any solution, please post it here.
Thanks in advance.

Manideep.

Hello team,

I am trying to integrate sunny landing page with Creatio Atlas and am facing below error.

Access to XMLHttpRequest at 'https://019205-marketing.creatio.com/0/ServiceModel/GeneratedObjectWebFormService.svc/SaveWebFormObjectData' from origin 'http://mydemodomain.demopage.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

How do I overcome this? I notice sometimes using OpenID when I login to creatio, I get this error as well? Is there a work around for this?

Thanks

Hello,

We have a use case where we send information from a website to creatio via custom code. Landing page was not suited for our usecase.

We successfully implemented this using Anonymous Service which has code to manage CORS. We need to make the service work for .net core now. How do we transfer below code to .net core setup since the name 'WebOperationContext' does not exist in .net Core? What is the best practice to overcome CORS error in .net core setup?

// Preflight
 
[OperationContract]
        [WebInvoke(Method = "OPTIONS", UriTemplate = "*")]
        public void GetCaptchaPreflight() {
            var outgoingResponseHeaders = WebOperationContext.Current.OutgoingResponse.Headers;
            outgoingResponseHeaders.Add("Access-Control-Allow-Origin", "*");
            outgoingResponseHeaders.Add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
            outgoingResponseHeaders.Add("Access-Control-Allow-Headers", "*");
            outgoingResponseHeaders.Add("Access-Control-Request-Headers", "X-Requested-With, x-request-source, accept, content-type");
        }
    }
 
// Request endpoint
[OperationContract]
        [WebInvoke(Method = "POST", RequestFormat = WebMessageFormat.Json, BodyStyle = WebMessageBodyStyle.Wrapped,
        ResponseFormat = WebMessageFormat.Json)]
 
        public void ConfirmCaptcha(Stream responseDetails)
        {
		 var logger = global::Common.Logging.LogManager.GetLogger("CaptchaService");
		 logger.Info("Captcha services entered :");
			var currentWebOperationContext = WebOperationContext.Current;
			var outgoingResponseHeaders = currentWebOperationContext.OutgoingResponse.Headers;
            outgoingResponseHeaders.Add("Access-Control-Allow-Origin", "*");
			outgoingResponseHeaders.Add("Access-Control-Allow-Methods", "POST");
			outgoingResponseHeaders.Add("Access-Control-Allow-Headers", "Origin, Content-Type, Accept");
 
			try
            {
 
            StreamReader reader = new StreamReader(responseDetails);
            string responseJson = reader.ReadToEnd();
            logger.Info("Captcha services :" + responseJson);
 
              ResponseDetails rd = new ResponseDetails();
                rd = JsonConvert.DeserializeObject<ResponseDetails>(responseJson);
                if (!string.IsNullOrEmpty(rd.GToken))
                {
                    if (IsCaptchaVerified(rd.GToken))
                    {
                        logger.Info("Captcha is valid");
						logger.Info(rd.LeadId);
						logger.Info(rd.ContactId);
						logger.Info(rd.LeadResponse);
 
					}
                }
                else
                {
                    logger.Info("Captcha is invalid");
                }
            }