Login/Register
WCF DataService not supporting preflight OPTIONS requests?
Asked Answered
Solved wcf-data-servicesodatacorspreflight
S

1

6

I want to use an ajax-based component (KendoUI) to read/modify entities on an OData endpoint implemented by WCF DataServices.

The service implementation was fairly easy in the first place:

public class MyFooService : DataService<FooContext>
{
    public static void SetEntitySetAccessRules(IDataServiceConfiguration config)
    {
        config.SetEntitySetAccessRule("Foos", EntitySetRights.AllWrite);
    }
}

Now I was expecting to be able to modify entities using PUT. KendoUI provides a nice and easy configuration interface and does a good job in generating the PUT request.

We are making a cross-domain request and use CORS. So, Firefox, for example, sends a preflight OPTIONS request to the OData service before sending the PUT.

Unfortunately the service endpoint seems not to support OPTIONS out-of-the-box: The response to the OPTIONS request is "501 Not Implemented" with an empty content. At least we managed that the response has the CORS headers as follows:

<system.webServer>
  <modules runAllManagedModulesForAllRequests="true" />
  <!-- Enable cross-origin resource sharing -->
  <!-- http://enable-cors.org/#how-asp.net -->
  <httpProtocol>
    <customHeaders>
      <add name="Access-Control-Allow-Origin" value="*" />
      <add name="Access-Control-Allow-Methods" value="POST, PUT, DELETE, GET, OPTIONS" />
      <add name="Access-Control-Allow-Headers" value="content-Type, accept, origin, X-Requested-With" />
      <add name="Access-Control-Allow-Credentials" value="true" />
    </customHeaders>
  </httpProtocol>
</system.webServer>

Googling for this has turned out a bit challenging because "options" is a very popular term...

I found this article but it seems very, very complicated. I mean, OData is all about REST, I can't imagine that WCF Data Services don't provide a simple way to allowing preflight requests, or?

Sonasonant answered 22/11, 2012 at 16:17 Comment(3)
I take it that WCF OData Service works on WCF and passes through the same WCF pipeline. If so check out the link in this answer.. IMHO its the easiest way to implement CORS in WCF.Illume
I know this is not exactly what you want but I think the easiest way to work with cross domain requests is just to use the IIS´ reverse proxy. In this way you go only against your own domain and the IIS is who sends your request to the other domain. Then, your code doesn´t have to know anything about other domains.Homogenetic
Randomly stumbled upon this; just thought I'd link to this and that for additional discussion.Intracranial
O
1

Currently WCF DataServices don't support CORS, and every solution I have seen is a hack, and works flaky at best.

I had the same problem, and I just ported my code from WCF to an Web API 2 OData solution. Web API 2 has support for CORS and it is really easy to setup.

If you are familiar with Web API, check out this link: http://msdn.microsoft.com/en-us/magazine/dn532203.aspx

And here is a tutorial on how to create an OData endpoint with Web API: http://www.asp.net/web-api/overview/odata-support-in-aspnet-web-api/odata-v3/creating-an-odata-endpoint

Occidentalize answered 2/10, 2014 at 14:46 Comment(1)
Thank you. Though the answer is late (I solved the problem by switching to WebAPI, too :-)) - this will be a helpful answer for any future readers as far as I can tell.Sonasonant

© 2022 - 2024 — McMap. All rights reserved.