Problems with proxy on tiggzi.net?

Mon Oct 22, 2012 12:20 pm

Hello! Thank you! We'll try to reproduce and figure out.

Mon Oct 22, 2012 7:22 pm

Make sure that your server supports OPTIONS request. It looks like it generates the error (500):

Mon Oct 22, 2012 7:23 pm

Just to add, we have been using other services such as Parse.com where all requests, including POST work fine with cross-domain.

Tue Oct 23, 2012 9:28 am

Cant find any OPTION request on the REST server. But I've include Access-Control-Allow-Methods in the header. It did not help.

This might also be a Content-Type issue.

Tue Oct 23, 2012 9:34 pm

It might be.. I think it comes down to service implementation.

Sat Oct 27, 2012 2:54 pm

Hi!

I think I now have a Work Around based on CORS. (Cross-Origin Resource Sharing)

I've contacted Bob Swart a Delphi/Datasnap guru. He has helped med set up the server. CORS is a little complicated and we had to fix browser for browser as CORS are implemented differently on each. We have now also the newly IE10 CORS support. (CORS is not implemented on earlier versions of IE.)

We have also tested with IPhone (builtin browser), Android (builtin browser), Opera, Opera Mobile, Safari, Chrome and Firefox. (Mostly latest version). They now work fine with POST rest calls from Tiggzi .

This is the main fix done in WebmoduleUnit1.pas on the REST server:

procedure TWebModule1.WebModuleBeforeDispatch(Sender: TObject; Request: TWebRequest; Response: TWebResponse;
var Handled: Boolean);
var
Origin: String;
AccessControlRequestMethod: String;
AccessControlRequestHeaders: String;
begin

// BS: first obtain the CORS preflight request headers
Origin := Request.GetFieldByName('Origin');
if Origin = '' then
Origin := Request.GetFieldByName('Host'); // workaround
AccessControlRequestMethod := Request.GetFieldByName('Access-Control-Request-Method');
AccessControlRequestHeaders := Request.GetFieldByName('Access-Control-Request-Headers');

// BS: then set the CORS preflight response headers
if Origin < '' then
Response.SetCustomHeader('Access-Control-Allow-Origin', Origin)
else
Response.SetCustomHeader('Access-Control-Allow-Origin', 'http://yourdomain.com'); // default sample
if AccessControlRequestMethod < '' then
Response.SetCustomHeader('Access-Control-Allow-Methods', 'GET, ' + AccessControlRequestMethod)
else
Response.SetCustomHeader('Access-Control-Allow-Methods', 'POST, GET'); // default sample
if AccessControlRequestHeaders < '' then
Response.SetCustomHeader('Access-Control-Allow-Headers', AccessControlRequestHeaders)
else
Response.SetCustomHeader('Access-Control-Allow-Headers', 'X-Custom-Header'); // default sample

if AccessControlRequestHeaders < '' then
Response.SetCustomHeader('Access-Control-Expose-Headers', AccessControlRequestHeaders);
Response.SetCustomHeader('Access-Control-Allow-Credentials', 'true');

if FServerFunctionInvokerAction < nil then
FServerFunctionInvokerAction.Enabled := AllowServerFunctionInvoker;

Code: Select all

Response.SetCustomHeader('Access-Control-Max-Age', '10'); 

Handled := Request.Method = 'OPTIONS'; // BS: fix for FireFox...

end;