B2B Integration

 View Only
  • 1.  Sterling B2B - CORS

    Posted Wed May 12, 2021 02:58 PM
    Good afternoon,

    I have a web page that will call an endpoint from a Sterling B2B HttpServerAdapter.

    As the Http Request is using the jquery framework (ajax javascript), the browser does a preflight by calling Http's OPTIONS method, however it gives an error because the OPTIONS method is not available (CVE-2016-0210). Is there a way to enable the OPTIONS method?




    ------------------------------
    Fabio Aurelio Maciel Lima e Silva
    ------------------------------

    Attachment(s)

    html
    cors.html   513 B 1 version


  • 2.  RE: Sterling B2B - CORS

    Posted Thu May 13, 2021 12:26 AM
    check your http.properties or customer_overrides file, see if the OPTIONS method forbidden

    ------------------------------
    Rajasekhar Muthamsetty
    ------------------------------



  • 3.  RE: Sterling B2B - CORS

    Posted Fri June 04, 2021 02:10 PM
    I checked the properties file, it had no information about http options

    ------------------------------
    Fabio Aurelio Maciel Lima e Silva
    ------------------------------



  • 4.  RE: Sterling B2B - CORS

    InnerCircle
    Posted Fri June 04, 2021 05:50 AM
    Hi Fabio​​

    What is the HTTP Server Adpater returning?

    I might have a solutions for you. I just need to understand to flow of data.

    ------------------------------
    Sincerely,
    Clayton Snyman
    ------------------------------



  • 5.  RE: Sterling B2B - CORS

    Posted Fri June 04, 2021 02:14 PM
    Hi Clayton, the Http Server Adapter does not process the request. I think Jetty does away with request options. 

    look this: https://www.cvedetails.com/cve/CVE-2016-0210/


    ------------------------------
    Fabio Aurelio Maciel Lima e Silva
    ------------------------------



  • 6.  RE: Sterling B2B - CORS

    InnerCircle
    Posted Mon June 07, 2021 03:25 AM
    Hi Fabio,

    Are you able to share the error messages or logs?

    ------------------------------
    Sincerely,
    Clayton Snyman
    ------------------------------