Hello, I want to upload some file to Sharepoint using REST API.
I want to do this from another web application's iframe (javascript). In my case, this another application is MS CRM 2015.
I Sharepoint 2013 on-premise and CRM 2015 on-premise.
I'm using Microsoft's proposed way to do this (with library for cross domain calls - https://msdn.microsoft.com/en-us/library/office/dn735924.aspx)
Code looks like this:
function DoWork(fileString, filename) {
var serverUrl = "https://sharepointsite.mydomain.com";
var relativePath = "/dpt/imp/tcs_p/130446/Timesheets";
$.getScript(serverUrl + "/_layouts/15/SP.RequestExecutor.js", execCrossDomainRequest);
function execCrossDomainRequest() {
var executor;
executor = new SP.RequestExecutor("https://sharepointsite.mydomain.com/dpt/imp");
executor.executeAsync(
{
url:
"https://sharepointsite.mydomain.com/dpt/imp" +
"/_api/web/GetFolderByServerRelativeUrl('" + relativePath + "')/Files" +
"/Add(url='" + filename + "')",
method: "POST",
headers: { "Accept": "application/json; odata=verbose" },
success: function (data) {
console.log("succ");
},
error: function (err) {
console.log(err.statusText);
}
}
);
}
}
Code does not work at all. SP.RequestExecutor's executeAsync method never generates any network traffic (nor I get any errors in javascript).
My second approach is to do things manually with $.ajax jquery method.
function DoWork(fileString, filename) {
var serverUrl = "https://sharepointsite.mydomain.com";
var relativePath = "/dpt/imp/tcs_p/130446/Timesheets";
$.ajax({
url: serverUrl +
"/dpt/imp/_api/web/GetFolderByServerRelativeUrl('" + relativePath + "')/Files" +
"/Add(url='" + filename + "')",
type: "POST",
data: fileString,
crossDomain: true,
xhrFields: {
withCredentials: true
},
headers: {
"accept": "application/json;odata=verbose",
"content-type": "text/plain",
"X-RequestDigest": $("#__REQUESTDIGEST").val(),
"content-length": fileString.byteLength
},
success: function (data) {
console.log("succ");
},
error: function (err) {
console.log(err.statusText);
}
});
}
I always get 403-forbidden.
Then I try another request (GET request), only to get the list of files.
$.ajax({
url: "https://sharepointsite.mydomain.com/dpt/imp/_api/web/GetFolderByServerRelativeUrl('/dpt/imp/tcs_p/130446/Timesheets')/Files",
type: "GET",
async: false,
crossDomain: true,
xhrFields: {
withCredentials: true
},
headers: { "accept": "application/json;odata=verbose" },
success: function (data) {
console.log("succ");
},
error: function (error) {
alert(JSON.stringify(error));
}
});
This works perfectly. I see list of files in http response.
What am I missing?
a) Sharepoint permissions? User has full control on "https://sharepointsite.mydomain.com/dpt/imp" site.
GET is possible, but POST causes 403.
b) Some problems related to CORS ?
I put CORS configuration in Sharepoint web.config
<add name="Access-Control-Allow-Origin" value="https://crmsite.mydomain.com" />
<add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Content-Type, Accept, X-Requested-With, X-File-Name"/>
c) Why SP.RequestExecutor never creates any http request? Is this even made for calls outside sharepoint site?
I want to do this from another web application's iframe (javascript). In my case, this another application is MS CRM 2015.
I Sharepoint 2013 on-premise and CRM 2015 on-premise.
I'm using Microsoft's proposed way to do this (with library for cross domain calls - https://msdn.microsoft.com/en-us/library/office/dn735924.aspx)
Code looks like this:
function DoWork(fileString, filename) {
var serverUrl = "https://sharepointsite.mydomain.com";
var relativePath = "/dpt/imp/tcs_p/130446/Timesheets";
$.getScript(serverUrl + "/_layouts/15/SP.RequestExecutor.js", execCrossDomainRequest);
function execCrossDomainRequest() {
var executor;
executor = new SP.RequestExecutor("https://sharepointsite.mydomain.com/dpt/imp");
executor.executeAsync(
{
url:
"https://sharepointsite.mydomain.com/dpt/imp" +
"/_api/web/GetFolderByServerRelativeUrl('" + relativePath + "')/Files" +
"/Add(url='" + filename + "')",
method: "POST",
headers: { "Accept": "application/json; odata=verbose" },
success: function (data) {
console.log("succ");
},
error: function (err) {
console.log(err.statusText);
}
}
);
}
}
Code does not work at all. SP.RequestExecutor's executeAsync method never generates any network traffic (nor I get any errors in javascript).
My second approach is to do things manually with $.ajax jquery method.
function DoWork(fileString, filename) {
var serverUrl = "https://sharepointsite.mydomain.com";
var relativePath = "/dpt/imp/tcs_p/130446/Timesheets";
$.ajax({
url: serverUrl +
"/dpt/imp/_api/web/GetFolderByServerRelativeUrl('" + relativePath + "')/Files" +
"/Add(url='" + filename + "')",
type: "POST",
data: fileString,
crossDomain: true,
xhrFields: {
withCredentials: true
},
headers: {
"accept": "application/json;odata=verbose",
"content-type": "text/plain",
"X-RequestDigest": $("#__REQUESTDIGEST").val(),
"content-length": fileString.byteLength
},
success: function (data) {
console.log("succ");
},
error: function (err) {
console.log(err.statusText);
}
});
}
I always get 403-forbidden.
Then I try another request (GET request), only to get the list of files.
$.ajax({
url: "https://sharepointsite.mydomain.com/dpt/imp/_api/web/GetFolderByServerRelativeUrl('/dpt/imp/tcs_p/130446/Timesheets')/Files",
type: "GET",
async: false,
crossDomain: true,
xhrFields: {
withCredentials: true
},
headers: { "accept": "application/json;odata=verbose" },
success: function (data) {
console.log("succ");
},
error: function (error) {
alert(JSON.stringify(error));
}
});
This works perfectly. I see list of files in http response.
What am I missing?
a) Sharepoint permissions? User has full control on "https://sharepointsite.mydomain.com/dpt/imp" site.
GET is possible, but POST causes 403.
b) Some problems related to CORS ?
I put CORS configuration in Sharepoint web.config
<add name="Access-Control-Allow-Origin" value="https://crmsite.mydomain.com" />
<add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Content-Type, Accept, X-Requested-With, X-File-Name"/>
c) Why SP.RequestExecutor never creates any http request? Is this even made for calls outside sharepoint site?