Problem with Same-Origin Policy
We have a published application at HCPms, that if we do not activate the Same-Origin Policy option works correctly, but in the moment we activate this option stops working.
The application is fiori and runs in a fiori client customized although we have also tested in a public fiori client.
The communication between HCPms and backend works correctly, but in the moment when we want to access to the fiori tile an error appears, although if we do not activate the Same-Origin Policy works correctly.
The error is the following:
We see the following when debugging:
and if we look at the headers we see the following:
We see that in the Response Headers, the header "Acces-Control-Allow-Origin" is correct "https://mobile-xxx.hana.ondemand.com", but the request URL that arriving and blocks it is "http://mobile-xxx.hana.ondemand.com:443/.....".
As can be seen, the domain protocol it receives and the protocol of the domain allowed are different. This is the reason of the blocking.
How is possible we recived the request with the protocol changed?
Thanks and regards.
this issue has been solved in the 1.3.1 version of the HCPms with the SAP SDK PS10 PL06.