1

I'm having some issues on EC2 instance, where I'm trying to deploy app.

BE:

app = FastAPI(title="App", openapi_url="/openapi.json")
    origins = ['http://localhost']
    app.add_middleware(
        CORSMiddleware,
        allow_origins=origins,
        allow_credentials=True,
        allow_methods=["*"],
        allow_headers=["*"]
    )

FE:

axios.get('http://localhost:8000/search/?' + searchQuery)
          .then((res) => {
            setData(JSON.parse(res.data));
          });

I'm using also Ngnix with following config:

server {
  listen 80;

  location / {
    root /usr/share/nginx/html/;
    include /etc/nginx/mime.types;
    try_files $uri $uri/ /index.html;
  }
}

So if launch the prod version locally, everything works fine, but on EC2 I'm getting CORS error while trying to fetch data with axios:

  • Chrome: Cross-Origin Resource Sharing error: InsecurePrivateNetwork
  • Firefox: CORS Missing Allow Origin

Not sure, what am I missing, should I configure nginx proxy so that public IP of EC2 will be sending requests as localhost? (I was trying also to set origins=[*] but that didn't help)

@Edit: Docker-compose: enter image description here

Ironwing
  • 121
  • 1
  • 15
  • CORS is a meganism that browsers use, webserver don't do anything with the headers. So in your case the allowed origin should be the actual domain that is going to call your back-end including port numbers. See [this post](https://stackoverflow.com/questions/19966707/cors-error-on-same-domain) and answer for some more explanation – n9iels Dec 23 '22 at 11:17
  • @n9iels Changed origins to ['http://PUBLIC_EC2_IP'], If I understand correctly I should additionally add Access-Control-Allow-Origin to response header from FastAPI? – Ironwing Dec 23 '22 at 11:46
  • Please have a look at related answers [here](https://stackoverflow.com/a/73963905/17865804), as well as [here](https://stackoverflow.com/a/74163726/17865804) and [here](https://stackoverflow.com/a/74106637/17865804). – Chris Dec 23 '22 at 12:31

0 Answers0