0

I have a Flask app that's split into front-end SPA (Vue.js) and back-end. But I'm having trouble with CORS.

In the front-end, I'm making API calls to //127.0.0.1:5000, which is what the back-end is listening to:

axios.put(
    '//127.0.0.1:5000/api/foo',
    formData,
    {
        headers: {
            'Content-Type': 'multipart/form-data'
        }
    })

On the back-end, I set up CORS by using Flask-CORS just like everybody mentions. I'm also using Blueprints (if that makes any difference), and my router looks like this:

from flask_cors import CORS

api = Blueprint('api', __name__)
CORS(api)

@api.route('/api/foo', methods=['PUT'])
def foo():
   # etc...

In Firefox, I get an OPTIONS preflight request, then a console error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://127.0.0.1:5000/api/foo. (Reason: CORS request did not succeed). Status code: (null).

And on Chrome, I get this error:

PUT https://127.0.0.1:5000/api/foo net::ERR_CONNECTION_REFUSED

On my local machine, I have no problems. The issue happens on the instance I've deployed to Digitalocean. It has HTTPS enabled, so that shouldn't be an issue (I think). Any ideas? Do I need to change the call to localhost to something else? I feel like I've tried all the relevant suggestions regarding CORS.

Eyeofpie
  • 330
  • 2
  • 13
  • How you configured your instance on Digital Ocean? Have you configured apache or nginx ? if Yes, Can you show a sample of it ? – Niloy Jul 18 '22 at 19:28
  • Does this answer your question? [Can't add http://localhost to DigitalOcean Spaces CORS Rules](https://stackoverflow.com/questions/65523590/cant-add-http-localhost-to-digitalocean-spaces-cors-rules) – Yogi Jul 18 '22 at 19:30
  • @Niloy If I placed the app behind an Nginx/Apache server, wouldn't that still throw the same CORS error? (To answer your question, no, I'm currently just running straight from Gunicorn.) – Eyeofpie Jul 18 '22 at 19:35
  • @Yogi That question seems to be talking specifically about _Spaces_, which I'm not using. I'm just using a regular droplet. – Eyeofpie Jul 18 '22 at 19:52
  • Was this ever solved? I'm facing this exact issue at the moment. – Denzel Hooke Nov 21 '22 at 19:44

1 Answers1

-1

CORS middleware goes over Flask APP, not over blueprint

app = Flask(__name__)
CORS(app)
ontananza
  • 362
  • 6
  • 7
  • But the [Flask docs says](https://flask-cors.readthedocs.io/en/latest/api.html#using-cors-with-blueprints) that one should pass the blueprint instance to CORS. – Eyeofpie Jul 18 '22 at 19:46
  • Flask-cors project in his documentation that you can found [here](https://pypi.org/project/Flask-Cors/) shows the implementation of CORS middleware with the flask APP. Maybe an earlier version of the project works with the blueprints. – ontananza Jul 18 '22 at 21:38