How to handle and set CORS in TMS Webcore client ?

Hi , 


i ran into this error in my Browser console ...

Access to XMLHttpRequest at 'http://localhost:8080/api/auth/token?db=v10c_demo_gotdata1&login=admin&password=admin1' from origin 'http://localhost:8000' has been blocked by CORS policy: The response is invalid.

and i referred to your comments in https://www.tmssoftware.com/site/forum/forum_posts.asp?TID=11259&KW=cors&title=loadfromjson 

and have checked  https://stackoverflow.com/questions/50065875/how-to-enable-cors-in-python
but have no clues about what to do with the TMS Webcode , TMSWebconnection component's properties "Headers"

my Questions is how to set the value inside the headers ? 
can you give some sample ?

mine , the headers value inside is BLANK , is that why it gave errors for the CORS ?
really no clues what to do with CORS and how it effected my apps...

Thanks for advising .
Cheers,
Kalmen

You enable CORS server-side, not client-side. It's your server that should handle it, and should be straightforward.

Which server framework you use? Also, sending user name and password in plain text in URL is a big security issue...

Hi , i am really not good in web and http response , this is what i got ,see if it helps you to give me advice ?


1. if i put this in my browser URL ,
    http://172.16.244.1:8069/api/auth/token?db=v10c_demo_gotdata1&login=admin&password=admin1

 the server responded with 
Regards,
Kalmen

Your server is probably not sending the CORS headers in the 401 response.

Again, what is your server written with? Is it a framework or developed in-house?

yes, it is written using python werkzeug WSGI , the complete respond is as

follow ,

def invalid_response(typ, message=None, status=400):
    """Invalid Response
    This will be the return value whenever the server runs into an error
    either from the client or the server."""
    return werkzeug.wrappers.Response(
        status=status,
        content_type='application/json; charset=utf-8',
        response=json.dumps([{
            'type': typ,
            'message': message if message else 'wrong arguments (missing validation)',
        }]),
    )

so it is something wrong with my respond from server above ?

https://stackoverflow.com/questions/50065875/how-to-enable-cors-in-python