UI5 and xRoute: http 403 "CORS not allowed"

This space is dedicated to SAP users - administrators and programmers who want to integrate the xServers. Topics which require specific SAP based knowhow or which deal with SAP based mechanisms will be collected here.

UI5 and xRoute: http 403 "CORS not allowed"

Postby jasci01 » Mon Oct 15, 2018 9:32 am

Hi all,

just wanted to share some Information with you.

We built an UI5 app which gets data from both a SAP backend (via NW Gateway) and for map tiles and routing data, calls an on premise xRoute Service which is running on a dedicated machine.

Problem description:
During implementation, we worked with the PTV Cloud Services for testing purpose, and everything worked fine. However, after changing the URL for xRoute from Cloud to our local machine, the app did not work anymore. We got a http error 403 "CORS not allowed", although the Server was reachable and CORS is activated per Default in xRoute.

The UI5 apps is running on the SAP application Server (e.g. mysapserver.com/sap/bc/ui5_ui5/sap/zui5_app/index.html). When trying to call PTV xRoute Service, it tries to connect to a different URL (in our case: 10.x.x.x IP), which is blocked in UI5 context. The application must allow CORS (cross origin resource sharing).

SAP UI5 defines some http headers which must be supported by the application to get CORS worked. In our case, header "authorization" was missing.
UI5 CORS http header.png

We added it in xroute/webapps/xroute/WEB-IN/web.xml. Now it works fine
UI5 CORS header in xRoute.png
Posts: 6
Joined: Mon Feb 12, 2018 3:49 pm

Return to PTV xServer meets SAP