1

The problem seems extremely simple; I just want my FastAPI server to accept requests from my phone and my emulator. However, it does not.

  1. Note that I have no network problems. I have my node server on this same computer, and I can freely send requests to it and get a response.

I can send requests from my browser, and postman. No problem with that.

from enum import Enum
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware

app = FastAPI()

origins = [
    "http://localhost.tiangolo.com",
    "https://localhost.tiangolo.com",
    "http://localhost",
    "http://localhost:8080",
    "http://myPhoneIp",
    "https://myPhoneIp:8080",
    "http://emulatorIp",
    "https://emulatorIp",
]

app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_credentials=False,
    allow_methods=["*"],
    allow_headers=["*"],
)


@app.get("/")
async def root():
    print('someone sent a request')
    return {"message": "Hello World"}

Why is this small piece of code not working? I am not using any cookies, etc. So I set allow_credentials=False, and even if I set it to True, it is still not working.

I even tried allow_origins=["*"], allow_credentials=False still nothing.

Another thing to remember here is when I set allow_origins=[], it should not allow any request, even from localhost, right? Why is it still allowed from the browser and Postman?

I know this issue looks similar to this How can I enable CORS in FastAPI? , but I have tried every solution in there, but nothing helped. Here is flutter error when sending request E/flutter (23012): [ERROR:flutter/runtime/dart_vm_initializer.cc(41)] Unhandled Exception: Connection refused

My phone browser also says the connection was refused. I dug everywhere, but could not find a solution. Please help.

Chris
  • 18,724
  • 6
  • 46
  • 80
Rationalist
  • 116
  • 9
  • 1
    Please have a look at the link provided above. Additionally, as described in [this answer](https://stackoverflow.com/a/74106637/17865804), there is no need for having CORS enabled, unless your API receives cross-origin requests. In that case, please have a look [here](https://stackoverflow.com/a/71805329/17865804), as well as [here](https://stackoverflow.com/a/73963905/17865804) and [here](https://stackoverflow.com/a/75048778/17865804) – Chris May 04 '23 at 00:40
  • Oh dear god. Thank you Chris. Both this "uvicorn main:app --host 0.0.0.0 --port 8000" and this "if __name__ == '__main__': uvicorn.run(app, host='0.0.0.0', port=8000)" work. However, I still do not understand why was it not working before, I knew that my computer(server) had 2 different IP addresses, 1 for ethernet, and 1 for Wi-Fi. I tried connecting to both a hundred times, unsuccessfully. – Rationalist May 04 '23 at 01:07
  • By default FastAPI/Uvicorn runs on `localhost`, and it is thus accessible only from the machine running the server. To make the application available on LAN, one needs to either bind to a machine's local IP address (e.g., `192.168.10.2`) or all interfaces (i.e., `0.0.0.0`), indicating that the server should run on all the machine's IP addresses. – Chris May 04 '23 at 01:39
  • To expand on what Chris said, it's important to remember that CORS _only applies to requests triggered by a cross-origin operation _- i.e. when a resource makes a request to something on a different origin (for example, a webpage making a JavaScript `fetch` request to a different host). Opening a URL in a browser, calling it from postman or curl or similar isn't a cross origin request, and thus, isn't limited by any CORS information. CORS is a _client side limitation_, and is not enforced server side (since a client could send whatever origin they want). – MatsLindh May 04 '23 at 08:07

0 Answers0