I am trying to create a custom TFS Extension calling SonarQube API to bring back some vulnerability issues data into TFS and display them in a report…
I am using SonarQube CE 7.9.1 Running on a Windows Server via Java JRE
However I am getting the following error…
Access to XMLHttpRequest at ‘https://sonarqubeserver:9000/api/authentication/validate’ from origin ‘null’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
Below is an extract of the JavaScript code… (I am running this locally on my desktop, but have also tried this code on a web server).
I am unable to use a proxy url chaining.
<script>
var xmlhttp = new XMLHttpRequest();
var url = "https://sonarqubeserver:9000/api/authentication/validate";
xmlhttp.onreadystatechange = function() {
if (this.readyState == 4 && this.status == 200) {
var myArr = JSON.parse(this.responseText);
myFunction(myArr);
}
};
xmlhttp.open("GET", url, true);
xmlhttp.setRequestHeader('Accept', 'application/json');
// xmlhttp.setRequestHeader('Content-Type', 'application/json');
xmlhttp.setRequestHeader('Access-Control-Allow-Headers', '*');
xmlhttp.setRequestHeader('Access-Control-Allow-Origin', '*');
xmlhttp.setRequestHeader("Authorization", "Basic <API KEY>");
xmlhttp.send();
function myFunction(arr) {
document.getElementById("id01").innerHTML = arr;
}
</script>
any suggestions would be appreciated on how to get around this issue?