CODEWITHSUNDEEP
angularjsgoogle-app-enginecors
Charles Libicki
Charles Libicki

Reputation: 221

AngularJS app in GAE gets CORS error

I have a number of apps on GAE for Python and one based on AngularJS. The others are working fine, and the AngularJS one used to work OK. Now I get the following error:

XMLHttpRequest cannot load xxxxxxxxx/rest/loadlocale?locale=en. Redirect from 'xxxxxxxxxxxxx/rest/loadlocale?locale=en' to 'https://www.google.com/accounts/ServiceLogin?service=ah&passive=true&...... has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'xxxxxxxx' is therefore not allowed access.

If I go to ServiceLogin explicitly from Chrome, the the app will work OK for a while. After a while (I assume when the login expires) the error crops up again.

app.yaml has the following section:

- url: /rest/.*
  script: main.APP
  login: required
  secure: always

but removing "secure: always" makes no difference.

The error occurs at the first client http request, but the Python server code for the request handler shows no sign of ever being accessed.

Upvotes: 1

Views: 295

Answers (1)

fredrik
fredrik

Reputation: 17617

This occurs due the fact you have login: required in your app.yaml meaning that all XMLHttpRequest request will require a valid session.

GAE's login is handled by Google Accounts. So you can't change your settings.

Try removing login from app.yaml. If you only want certain request to be allowed without a valid Google session you need to specify what are allow and not. For instance:

- url: /rest/loadlocale
  script: main.APP
  login: optional # this is the default value and can be removed.
  secure: always

- url: /rest/.*
  script: main.APP
  login: required
  secure: always

Upvotes: 1

Related Questions