CODEWITHSUNDEEP
pythonajaxflaskcorsflask-restful
TommyT
TommyT

Reputation: 1797

Flask restful api enabling CORS is not working for remote ajax call

I have a flask app in which I have an restful api which I am trying to call through a remote server.

init File :-

from flask.ext import restful
from flask.ext.cors import CORS

app = create_app(__name__)
app.config['CORS_HEADERS'] = 'Content-Type'
cors = CORS(app, resorces={r'/d/<string:d_name>': {"origins": '*'}})
api=restful.Api(app)
api.add_resource(g_Api, '/g/<string:g_id>')
api.add_resource(d_Api, '/d/<string:d_name>')

Now the d_Api class :-

from flask import Flask, render_template, g
from flask.ext.restful import reqparse, abort, Api, Resource
    def abort_if_not_exist(d_name):
      return d_name

    class d_Api(Resource):
      def __init__(self):
        self.d=d

      def get(self, d_name):
        val=abort_if_not_exist(d_name)
        return val

This works fine from the same localhost server returns the correct result. The server running on localhost has an ajax call to the api,

$.ajax({
                                    async: false,
                                    type: 'GET',
                                    url: 'http://localhost:8080/d/'+d_name,
                  success: function(data) {
                                        alert(data);
                                        }
});

When called from remotehost doesn`t return any response, instead in Firefox I get Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource d . This can be fixed by moving the resource to the same domain or enabling CORS.

Im not sure how else to configure CORS for this api endpoint. Im using python 2.6 and 'flask-cors'.

I found this difference : when i try to hit the api from the localhost - 2015-03-09 11:40:35 - Flask-Cors:385 - INFO - CORS request from Origin:xyz-ld2.abc.biz:8080, setting Access-Control-Allow-Origin:* When i try to hit the api from a remote host : 2015-03-09 11:47:15 - Flask-Cors:385 - INFO - CORS request from Origin:None, setting Access-Control-Allow-Origin:*

Upvotes: 2

Views: 5499

Answers (3)

Sanyam Khurana
Sanyam Khurana

Reputation: 1421

The problem is with this statement in your code:

cors = CORS(app, resorces={r'/d/<string:d_name>': {"origins": '*'}})

From the documentation: http://flask-cors.corydolphin.com/en/latest/api.html?highlight=origin#flask_cors.cross_origin

flask_cors.cross_origin(*args, **kwargs) The origin, or list of origins to allow requests from. The origin(s) may be regular expressions, case-sensitive strings, or else an asterisk

Here you need to provide a RegEx instead; like:

cors = CORS(app, resorces={r'/d/*': {"origins": '*'}})

This would enable CORS on all routes starting with /d/

Hope this helps!

Upvotes: 0

TommyT
TommyT

Reputation: 1797

Ok. The issue is I was using 

$.ajax({
                                    async: false,
                                    type: 'GET',
                                    url: 'http://localhost:8080/d/'+d_name,
                  success: function(data) {
                                        alert(data);
                                        }
});

Url as localhost which is not the right way to do it. You should always use the IP or VIP on which the content is hosted or the domain address. eg: url : 'http:// xyz .com:8080/d'+d_name' will work. For https:// use 

url:"//xyz. com/d/d_name" i.e. without the protocol.

Upvotes: 0

rezkam
rezkam

Reputation: 1357

Problem is with resources definition and you only can use regex for the resources You need something like this or any other valid regex :

cors = CORS(app, resorces={r'/d/*': {"origins": '*'}})

Upvotes: 1

Related Questions