Axios not passing Content-Type header

Question

I'm running an Odoo instance in the backend, and I created a custom module that exposes a web controller as follows:

Web Controller

# -*- coding: utf-8 -*-
from odoo import http
import odoo
from odoo.http import Response, request
from werkzeug import wrappers
import json


class VueWebServices(http.Controller):
    @http.route('/vuews/msg/', auth='none', type='json', methods=['POST', 'GET', 'OPTIONS'], csrf=False)
    def answermsg(self, **post):
        product_ids = request.env['product.product'].sudo().search([])
        dict = {}
        r = request
        d = request.httprequest.data
        dv = http.request.params
        for k in product_ids:
            tuple = {}
            tuple.update({"name":k['name']})
            tuple.update({"id": k['id']})
            dict.update(tuple)
        return json.dumps(dict)

In order to allow cors, I'm also proxying odoo through Nginx. Here's what nginx.conf looks like:

nginx.conf

upstream odoo {
        server 127.0.0.1:8069;
    }
    server {
        listen  443 default;
        server_name localhost;
        root    c:/nginx/html;
        index   index.html index.htm;

        access_log c:/nginx/logs/odoo.access.log;
        error_log c:/nginx/logs/odoo.error.log;

        proxy_buffers 16 64k;
        proxy_buffer_size 128k;

        location / {
            proxy_pass  http://odoo;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
            proxy_redirect off;

            proxy_set_header    Host            $host:$server_port;
            proxy_set_header    X-Real-IP       $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Proto https;

            add_header    'Access-Control-Allow-Origin' '*' always;
            add_header    'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
            add_header    'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept' always;
            add_header    'Access-Control-Request-Headers' 'Content-Type' always;
            add_header    'Access-Control-Allow-Credentials' 'true' always;
        }

        location ~* /web/static/ {
            proxy_cache_valid 200 60m;
            proxy_buffering on;
            expires 864000;
            proxy_pass http://odoo;
        }


    }

When I try to access the route through postman, it works as expected. But when I try to access it through axios, I get 400 BAD REQUEST. In the odoo console, it throws me this: Function declared as capable of handling request of type 'json' but called with a request of type 'http'

Here's how my Vue JS app queries the controller:

axios({
      method: "POST",
      headers: {
        "Content-Type": "application/json",
        "Cache-Control": "no-cache",
      },
      data: {
        "message": "Hello World"
      },
      url: "http://localhost:443/vuews/msg"
    });

I'm clearly passing the content-type : 'application/json' header, so what's wrong?

Answer 1

Finally solved this. It was a CORS issue, one I fixed by modifying the code in nginx.conf as follows:

upstream odoo {
        server 127.0.0.1:8069;
    }
server {
        listen  443 default;
        server_name localhost;
        root    c:/nginx/html;
        index   index.html index.htm;

        access_log c:/nginx/logs/odoo.access.log;
        error_log c:/nginx/logs/odoo.error.log;

        proxy_buffers 16 64k;
        proxy_buffer_size 128k;

        location / {
            proxy_pass  http://odoo;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
            proxy_redirect off;

            proxy_set_header    Host            $host:$server_port;
            proxy_set_header    X-Real-IP       $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Proto https;


            if ($request_method = 'OPTIONS') {
                add_header 'Access-Control-Allow-Origin' 'http://localhost:8080'; 
                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; 

                add_header 'Access-Control-Allow-Headers' 'DNT,access-control-allow-origin,x-openerp-session-id,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';

                add_header 'Access-Control-Allow-Credentials' 'true';
                add_header 'Access-Control-Max-Age' 1728000;
                add_header 'Content-Type' 'application/json charset=UTF-8';
                add_header 'Content-Length' 0;
                return 204;
            }
            if ($request_method = 'POST') {
                add_header 'Access-Control-Allow-Origin' 'http://localhost:8080'; 
                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
                add_header 'Access-Control-Allow-Headers' 'DNT,access-control-allow-origin,x-odoo-session-id,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; 
                add_header 'Access-Control-Allow-Credentials' 'true';
            } 

            if ($request_method = 'GET') {
                add_header 'Access-Control-Allow-Origin' 'http://localhost:8080';
                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
                add_header 'Access-Control-Allow-Headers' 'DNT,access-control-allow-origin,x-odoo-session-id,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
                add_header 'Access-Control-Allow-Credentials' 'true';            
            }

        }

        location ~* /web/static/ {
            proxy_cache_valid 200 60m;
            proxy_buffering on;
            expires 864000;
            proxy_pass http://odoo;
        }


    }

Please note: In the Access-Control-Allow-Origin header, I specified the address and port of the application I'm working on, http://localhost:8080. You can put '*' instead or whatever address works for you. Also, the Access-Control-Allow-Credentials header is not necessary unless you plan on sending authentication cookies/headers from your application to access certain routes from the server. In my case, I added the parameter withCredentials: true to my axios call, thus I had to add the Access-Control-Allow-Credentials : true header to nginx.conf, and also had to specify the address and port of my vue app. (localhost:8080).

Alternatively, if you're working with an Odoo web controller, you can do without Nginx by simply adding the cors='*' decorator to your web controller declaration. Here's an example:

@http.route('/vuews/msg/', auth='none', type='json', methods=['POST', 'GET', 'OPTIONS'], cors='*', csrf=False)

Bonus: If you plan on sending data to an Odoo web controller via an HTTP POST request, be sure to include it in params: {} like so:

data: {
        jsonrpc: '2.0',
        method: 'call',
        id: 1,
        params: {
          message: 'Hello World'
        }
      },

You can then access it in the backand via the post object, provided you declared it in your controller's function arguments like so:

@http.route('/vuews/msg/', auth='none', type='json', methods=['POST', 'GET', 'OPTIONS'], csrf=False)
    def answermsg(self, **post):
    // do something here... ex: data = post;

I hope this can help anyone who stumbles into this issue. Feel free to contact me if you need help.