Cross-Domain Request Support

This space is made available to users of Open Patent Services (OPS) web-service and now also to users of EPO’s bulk data subscription products such as 14. EPO worldwide bibliographic database (DOCDB), 14.11 EPO worldwide legal status database (INPADOC), 14.12 EP full text data, 14.1 EP bibliographic data (EBD)and more.

Users can ask each other questions, exchange experiences and solutions, post ideas. The moderator will use this space to announce changes or other relevant information.
Post Reply

FuchsS
Posts: 2
Joined: Wed Jun 27, 2018 1:38 pm

Cross-Domain Request Support

Post by FuchsS » Wed Jun 27, 2018 2:02 pm

Hi,

the documentation given on the epo homepage regarding Cross-Domain Request contains a complete example (in Chapter 3). This example (and any changes, I made to it), worked fine until the update to version 3.2. I changed all the URLs accordingly, which also work in a VFP-Script, I wrote. But testing the example, mentioned in the documentation, tells me that the source in the iframe "http://ops.epo.org/3.1/xss/crosssitescript.html" doesn't exist. This is understandable, as version 3.1 reached its end of life, but simply changing the source to ".../3.2/xss/crossitescript.html" doesn't fix the problem.

Would it be possible to update your documentation with a working example?


EPO / OPS Support
Posts: 980
Joined: Thu Feb 22, 2007 5:32 pm

Re: Cross-Domain Request Support

Post by EPO / OPS Support » Fri Jun 29, 2018 7:10 am

HI,

Please see the picture below. You need to use any tool that will allow adding your account credentials to set in order to open 3.2 documentation. We use POSTMAN, but there surely are many other tools that can do that.
I will also ask colleagues in charge to amend the PDF document on Cross-domain requests support. I will let you know when the new version will be available

Regards,
Vesna for OPS
Capture_CD.JPG


FuchsS
Posts: 2
Joined: Wed Jun 27, 2018 1:38 pm

Re: Cross-Domain Request Support

Post by FuchsS » Thu Jul 05, 2018 3:24 pm

As suggested, I downloaded POSTMAN and generated a request using Basic Authentication and my OPS credentials. When trying a GET-Request for the url "http://ops.epo.org/xss/crosssitescript.html" I get the response body, as shown in the screenshot. I will try to embed the code seen in the Response-Body into my existing code.

Thank you for the quick reply and help!


dev-info
Posts: 2
Joined: Mon Aug 20, 2018 3:06 pm

Re: Cross-Domain Request Support

Post by dev-info » Mon Aug 20, 2018 3:15 pm

hello, i try to use your example in my code, but i have all the time 403 response... but my headers is set
this is my code:

<iframe id="client" src="http://ops.epo.org/xss/crosssitescript.html" />


<script type="text/javascript">
// cross request ///
var client = document.getElementById('client');

window.onload = function(){

var data = "{'url' : 'http://ops.epo.org/3.2/rest-services/pu ... 000/biblio',"+ "'method' : 'GET', "+ "'requestHeaders' : {'Accept': 'application/json', 'Authorization': 'Basic *****************='} }";

client.contentWindow.postMessage(data, 'http://ops.epo.org');
}

function receiveMessage(event){

if (event.origin == "http://ops.epo.org") {
var dataJSON = eval('(' + event.data + ')');
console.log('data received: ', dataJSON);
//Now let's get some data using JSONP
getJSONP();
} else {
alert("Got message from unknown source.");
}
}

//JSONP
function getJSONP(){
jQuery.ajaxSetup({
headers : {
'Authorization' : 'Basic *****************=',
'Accept': 'application/json',
}
});
var sUrl = 'http://ops.epo.org/3.2/rest-services/fa ... 000000/.js'+ '?callback=?';

jQuery.getJSON(sUrl, function(oData) {
console.log('jsonp data received: ', oData);
});
}

do you think can you help me?
with postman that work fine, but not like that, i don't understand..
Thank you


EPO / OPS Support
Posts: 980
Joined: Thu Feb 22, 2007 5:32 pm

Re: Cross-Domain Request Support

Post by EPO / OPS Support » Tue Aug 21, 2018 6:21 am

Hi,

Code 403 tells you that your credentials are not set properly, it seems like you are using token whereas I am only using my OPS account credentials in my POSTMAN screen. Maybe someone can tell you how they did it? In the meantime, we are looking for a way to look at those documents in a simpler way, without OPS login.

Let's see if anyone reading this will offer you some advice on how they did it,

Regards,
Vesna for OPS support


dev-info
Posts: 2
Joined: Mon Aug 20, 2018 3:06 pm

Re: Cross-Domain Request Support

Post by dev-info » Tue Aug 21, 2018 7:22 am

Hello,
Yes in postman that work really great. I use the same authentication to you (username and password like that it's: "Basic ***base64*****=" . But for integred it, the iframe send request without authentication, so, response is only 403.
I tried to send before setup header with authentication, but that no worked too...

Thank you to your response :)


Post Reply