Login/Register
WCF DataService (OData) and CORS
Asked Answered
Solved c#wcfodatacorsdataservice
F

1

4

I am trying to get a WCF DataService working with cross domain requests. I found this on how to get a WCF service to work with CORS: http://blogs.microsoft.co.il/blogs/idof/archive/2011/07/02/cross-origin-resource-sharing-cors-and-wcf.aspx

I downloaded the sample, but can't get it to work with a DataService. It works with the sample service, but not with my DataService.

This is my very simple WCF DataService:

public class TestService : DataService<DataContext>
{
    public static void InitializeService(DataServiceConfiguration config)
    {
        config.UseVerboseErrors = true;
        config.SetEntitySetAccessRule("Items", EntitySetRights.All);
        config.DataServiceBehavior.MaxProtocolVersion = DataServiceProtocolVersion.V3;
    }
}

The TestService.svc file:

<%@ ServiceHost Language="C#" Factory="WebHttpCors.CorsWebServiceHostFactory, WebHttpCors" Service="MvcApplication1.TestService" %>

The DataContext is also very simple:

public class DataContext : DbContext
{
    public DbSet<Item> Items { get; set; }
}

But still, the preflight options request returns with a 501. Is there something I am missing to get CORS to work with a Dataservice?

Florance answered 6/11, 2013 at 9:19 Comment(0)
L
3

If you're using IIS, verify that the ExtensionLess handler is configured to handle the OPTIONS requests.

A few notes unrelated to your direct issue: since CORS is not properly supported, neither the package you found nor any other solutions will be truly satisfactory (you won't be able to easily specify your policies). It's possible to create a professionally-maintained package to do this using WCF inspectors, but I haven't seen any. Instead, I'd like to invite you to vote this up should you agree.

In the meantime, I can only recommend that you integrate any code you find on the web very carefully (as most of it is barely tested). This article may assist you with that. This is not directly related to Data Services, but it's the same WCF tech. Maybe look at the Web API implementation or other projects for inspiration.

Good luck.

PS: In 90% of the situations, you'll also want to forget about solutions involving proxying. In most architectures, it's just horrible and makes very little sense unless your edge backend is designed in a way that somehow would make it seem less kludgy.

Update: Also verify that the implementation you're using actually handles the OPTIONS requests properly. If it passes them through, WCF Data Services will return a 501, and the interceptor might just pass it back through as well even though the headers were set correctly. Since preflight requests don't need a body, a quick and dirty hack would be to pickup these 501s and change them into 200s, but obviously you really want to stop the request from hitting the data service in the first place.

Leahleahey answered 7/11, 2013 at 17:48 Comment(4)
Thank you very much, this really helped me, especially the updated part, this is where the 501 came from, and I indeed can set it to 200 then. I agree with you that this is quick and dirty, and I will check out if we can move to a Web API to have a proper implementation.Florance
I am having the same issue with my odata service and can't find the way out of this trouble @Florance have you got some solution about this ??Pellegrini
Royaan, what I did was using this code: skydrive.live.com/… and then changing the ResponseCode in the CorsMessageInspector to 200 in the BeforeSendReply method. But as tne said, this is a quick and dirty hack.Florance
In the meantime, I have ported the DataService over to WebAPI. I can only recommend that to anyone who needs CORs support for their ODATA service. Easy to implement, works really well: msdn.microsoft.com/en-us/magazine/dn532203.aspxFlorance

© 2022 - 2024 — McMap. All rights reserved.