Error : “The 'Access-Control-Allow-Origin' header contains multiple values” while enabling CORS in SharePoint 2013

sharepoint.stackexchange https://sharepoint.stackexchange.com/questions/240285

Domanda

I am trying to access SharePoint Document Library Data from outside application through rest api. Below is the code I am using.

function readSPRestApi() {
        console.log("Calling Api..");
        var url = "http://mysite.sharepoint.com/sites/site1" + "/_api/web/lists/getbytitle('Document Library')";
        $.ajax({
            url: url,
            headers: {
                Accept: "application/json;odata=verbose"
            },
            crossDomain: true,
            xhrFields: { withCredentials: true },
            async: false,
            success: function (data) {
                console.log("Done..")
            },
            error: function (jqxr, errorCode, errorThrown) {
                console.log(jqxr.responseText);
            }
        });

    }

The above code was previously giving the error that "Access-Control-Allow-Origin" header is present. So I added the following header in the web.config file of my application

<customHeaders>
    <add name="Access-Control-Allow-Origin" value="*" />
    <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
    <add name="Access-Control-Allow-Credentials" value="true"/>
    <add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />  
</customHeaders>

Now the CORS and error 401(unauthorized) is not coming but a new error is generated while making the calls.

Failed to load http://mysite.sharepoint.com/sites/site1/_api/web/lists/getbytitle('Document Library'): The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed. Origin 'http://localhost:62747' is therefore not allowed access.

Even though I have added the header only once. The network tab in the chrome is also showing two entries of the header in the Response Header. But in the response tab the data is coming as expected so I am assuming the CORS and authorization issue is not there.

Anyone has any idea about how to add the Cross-Origin header in the SharePoint 2013 properly??

Thanks in advance

È stato utile?

Soluzione

Finally got the answer to this

For this we have to disable the "Request Management" service on the SharePoint server. Following are the steps to do it.

Go to

Central Admin-->Application Management-->Manage services on server (under Service Applications)--> and Stop the Request Management service.

If you don't have the access to Central Admin refer this Link to get it done through PowerShell.

Happy Coding..!!

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a sharepoint.stackexchange
scroll top