Hyland Connect

haa05 · ‎12-09-2013

Hi,

we would like to create a simple Javascript application that uses the Alfresco Cloud API.
Testing the API with a REST client works fine.

When we use a call like this using jQuery


$.ajax({
  type:"GET",
  url: "https://api.alfresco.com/company.com/public/cmis/versions/1.1/atom/children?id=f3a0dee7-41d3-4fa1-9b... ASC",
  crossDomain: "true",
  beforeSend: function (request)
  {
     request.setRequestHeader("Authorization", "Bearer <accessToken)");
  }
})
‍‍‍‍‍‍‍‍‍‍‍

we get 403 forbidden. If we test with Google Chrome and web-security-disabled it works fine.

This seems to be due to the same origin policy.
Are such calls allowed on Alfresco side (I guess they are)?
Is the browser blocking such requests?
Is there a way to overcome this problem?

I thought the REST based API should make the creation lightweight clients easier.

Thanks in advance!

Regards,
Arno

jpotts · ‎12-10-2013

You appear to be attempting to use CMIS 1.1 to work with Alfresco in the cloud. Unfortunately, CMIS 1.1 is not yet supported in Alfresco in the cloud.

Can you please change the URL from versions/1.1 to versions/1.0 and try again?

Jeff

Jeff Potts
https://www.metaversant.com | https://ecmarchitect.com

haa05 · ‎12-11-2013

Thanks for the hint Jeff. Changing to version 1.0 makes no difference - same error.

Should this work by design?
I thought that it's sufficient that the server allows cross-domain request and Alfresco Cloud is setup that way.

Arno

jpotts · ‎12-11-2013

I can confirm that this call works in a browser-based HTTP client as well as on the command line with curl but it does not work with JQuery. Unfortunately, I do not think it is possible to specify the authorization header while also making a cross-domain request.

Jeff

Jeff Potts
https://www.metaversant.com | https://ecmarchitect.com

Hyland Connect

Alfresco Cloud API call via AJAX - 403 forbidden