Python Eve : No 'Access-Control-Allow-Origin' Header Is Present On The Requested Resource
Solution 1:
FWIW, I had similar problem.
Then I learned that only schema defined APIs will get the effect of X_DOMAINS header. The api if any you define on your own using something like app = Eve(settings=blah)
and the @app.route()
will not be affected by the X_DOMAINS header. So, in that case, you need to write your own decorator.
Solution 2:
Eve will trigger a CORS response only if
- the request includes a
Origin
header X_DOMAIN
is set in your configuration file (settings.py
)
Since latter condition seems satisfied already, I would make sure that the request is a proper CORS request and it includes an Origin
header.
UPDATE after reading the comment below I think that Postman restricts the Origin header. Try with curl instead:
curl -H "Origin: http://example.com" --verbose http://localhost:5000
With X_DOMAIN
set to *
that request should return something like so:
< HTTP/1.0 200 OK
< Content-Type: application/json
< Content-Length: 141
< Access-Control-Allow-Origin: http://example.com
< Vary: Origin
< Access-Control-Allow-Headers:
< Access-Control-Expose-Headers:
< Access-Control-Allow-Methods: HEAD, OPTIONS, GET
< Access-Control-Allow-Max-Age: 21600
< Server: Eve/0.5 Werkzeug/0.9.6 Python/2.7.8
< Date: Thu, 15 Jan 2015 08:41:08 GMT
If this works then the server is serving CORS request properly. You can then fiddle with X_HEADERS
and other CORS server-side settings as you need.
Solution 3:
You must config eve as.
X_DOMAINS = '*'
X_HEADERS = ['Authorization','Content-type']
and angular as
$http.defaults.headers.common['Authorization'] = 'Basic ' + auth;
That's work for me.
Solution 4:
Also you need to turn on CORS on your AngularJS app
var myApp = angular.module('myApp', [
'myAppApiService']);
myApp.config(['$httpProvider', function($httpProvider) {
$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];
}
]);
A server supporting CORS must respond to requests with several access control headers:
Access-Control-Allow-Origin: "*"
By default, CORS requests are not made with cookies. If the server includes this header, then we can send cookies along with our request by setting the withCredentials option to true.
Access-Control-Allow-Credentials (optional)
If we set the withCredentials option in our request to true, but the server does not respond with this header, then the request will fail and vice versa.
Solution 5:
I was able to get past my issues by using pip install flask-cors
and then editing my eve application to use it:
from flask.ext.cors import CORS
app = Eve()
CORS(app)
Post a Comment for "Python Eve : No 'Access-Control-Allow-Origin' Header Is Present On The Requested Resource"