SmartObject REST services endpoints do not support CORS
kbt145221
PRODUCTK2 blackpearl 4.7
BASED ONK2 blackpearl 4.7
SEE ALSOK2 API
This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.
LEGACY/ARCHIVED CONTENT
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.
Issue
This occurs when you need to set up cross domain requests and parameter Access-Control-Allow-Origin on the K2 server side for queries to REST endpoints in K2 4.7.
Symptoms
After changing the enableCrossDomainPolicy setting in the configuration file to "Enable", you keep getting the following error message in the web browser:"No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access."
Resolution
CORS settings for the SmartObject REST services are not supported.
The reason for this is that the REST service is hosted in the host server instead of IIS, which means there is no web.config file to configure CORS settings.
There is an existing feature request to implement this option. This functionality is only available in K2 Cloud. With K2 Five you can use OData services as an alternative.