vendredi 30 janvier 2015

EmberJS calls to an MVC Web API result in a CORS message when authorization fails

I am using EmberJS to communicate with an MVC Web API using Auth0 for authorization. When I have a valid bearer token I can communicate and retrieve data from the Web API just fine. When the token expires the Web API returns an an expected 401 the following message is displayed in the browser console:


No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200'


The ajaxError method of the RESTAdapter is called as expected, but the jqXHR.status field is 0.



export default
DS.RESTAdapter.extend({
namespace: 'api',
host: webApiUrl,

headers: function() {
return {
"Authorization": 'Bearer ' + localStorage.getItem('userToken'),
};
}.property().volatile(),

ajaxError: function(jqXHR) {
var error = this._super(jqXHR);

if (jqXHR && jqXHR.status === 401) {
Ember.Logger.info("Not Authorized");
}

Ember.Logger.info("Error " + jqXHR.status + " calling API redirecting to login.");

}
});


Here is a sample of the response returned from the API:



HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcU291cmNlXFBheWNvckRldlxTb3VyY2VcSW50ZWdyYXRpb25cR2VuZXJhbFxNYWluXFBheWNvci5JbnRlZ3JhdGlvbi5PcGVyYXRpb25zXFBheWNvci5JbnRlZ3JhdGlvbi5PcGVyYXRpb25zLkFwaVxhcGlcbG9nZ2luZ0V2ZW50cw==?=
X-Powered-By: ASP.NET
Date: Fri, 30 Jan 2015 16:45:35 GMT
Content-Length: 927


I have tried XML and plan/text Content-types, but the result is the same.


I don't believe this is an actual CORS issue because this problem only occurs when the API returns an error; otherwise I'm downloading and displaying the data just fine.


Does anyone know what the issue might be?


Thanks in advance.





Aucun commentaire:

Enregistrer un commentaire