galeej galeej - 4 months ago 54
AngularJS Question

Getting CORS error in angularJS front end

I am using a flask server with an angular front end. Up until recently, I was running the project on my local and had no issues.

I now moved my project to a remote server and have been getting the following error. I am not sure what i'm doing wrong:

My error:


XMLHttpRequest cannot load http://ec2-..../api/loginStatus/. No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost:8100' is therefore not allowed
access. The response had HTTP status code 503.


The snippets of my flask server side code (where I am adding my headers to the response is given below):

@app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Origin','http://localhost:8100')
response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization')
response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE')
response.headers.add('Access-Control-Allow-Credentials', 'true')
return response


I use both restangular and $http methods in my front end angularjs.

I have added the following lines in the .config of my main module:

.config(['RestangularProvider', '$stateProvider', '$urlRouterProvider','$httpProvider',
function(RestangularProvider, $stateProvider, $urlRouterProvider,$httpProvider) {

//$httpProvider.defaults.useXDomain = true;
$httpProvider.defaults.headers.common['Access-Control-Allow-Origin'] = "http://localhost:8100";
$httpProvider.defaults.withCredentials = true;
$httpProvider.defaults.headers.common = 'Content-Type: application/json';
delete $httpProvider.defaults.headers.common['X-Requested-With'];


Would someone be able to help me out here? I've referred to a lot of material and I am not sure what i'm doing wrong.

PS: I am getting 200 status messages on my server. I am therefore assuming that the error is in my front end and not my server side. Please correct me if I am wrong

Regards,
Sunil

EDIT

Hi everyone, I have solved the issue. I would like to thank @Mathijs Segers and @Hassan Mehmood for their inputs.

It turns out that there was a nginx configuration issue which led to the server becoming unavailable.

Firstly, there was an issue with the symbolic link that was being created for the flask backend (I am running my server side through a git repo on /home/username and then creating a symbolic link at /var/www/sitename.com

I was also throttling the number of requests that can be sent in a second (users could send only 1 every 2 seconds) resulting in the 503 error.

The original code I put up worked fine after I fixed it.

Answer

Eyooo, it is actually on your server side. You need to provide correct headers.

So you've tried this, I have no experience with flask but this I don't like;

response.headers.add('Access-Control-Allow-Origin','http://localhost:8100')

for testing purposes I suggest you just change the http:// part, to * so

 response.headers.add('Access-Control-Allow-Origin','*')

If that doesn't work verify that the header is actually being set, you could use a different program which doesn't care for CORS like postman or directly calling it in the browser if it doesn't depend on Accept headers.

here is some more readings about what it all is about. https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

EDIT:

Ok silly of me: The response had HTTP status code 503. This part in the error actually states what kind of response your server is giving, so currently there is an error on your server side. This happens when it is f/e down or what not.

So it seems that you're not doing anything strange, but your server side seems broken.

XMLHttpRequest cannot load http://ec2-..../api/loginStatus/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access. The response had HTTP status code 503.

So this error here, I suggest looking at your headers, and maybe disable some. You currently allow only 2 request headers that might cause some issues as well?

Comments