0

I have Flask Python API with cors set up as below. It works fine when invoked from browser. But getting CORS error when called from Angular application currently testing from localhost:4200.

From Chrome developer tools - Could see preflight request with Request Method=Options(Preflight request) returning 200, but actual request is throwing CORS error. Not sure what i am doing wrong here. Please share insights.

FYI - Tried couple of tweaks like making allowed origin "*" , removed "supports_credentials=True"; still same CORS error

Error:

Error:
Access to XMLHttpRequest at 'https://app01.dev.com/coreengine?rootfolder=app01&childfolder=jun2020&team=app01&action=customhierarchy' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Code:

from flask_cors import CORS
mainapp = Flask(__name__)
cors = CORS(mainapp, resources={r"/*": {"origins":["http://localhost:4200"]}},supports_credentials=True)
@mainapp.route('/coreengine', methods=['GET','POST'])
def coreengine():
{
  #Code 
}
Mohan Rayapuvari
  • 195
  • 1
  • 1
  • 12

1 Answers1

2

At the root of your application parallel to package.json file, create a new file proxy.config.json

{
"/coreengine*": {
    "target":"https://app01.dev.manulife.com",
    "secure":true,
    "logLevel":"debug"
    }
}

Now in your package.json in scripts: {}, add the following flax with file name proxy.config.json to start"

{
"scripts": {
    "start":"ng serve --proxy-config proxy.config.json",
    "test":"ng test"
}
}

Hope this works for you.

Mohammed Ismail
  • 148
  • 11
  • I tried adding proxy Json , still getting same cors error. Preflight request no cors error with or without proxy json – Mohan Rayapuvari Aug 08 '20 at 14:04
  • 1
    may be this helps [Response to preflight request doesn't pass access control check](https://stackoverflow.com/a/35588856/9640128) – Mohammed Ismail Aug 08 '20 at 15:31
  • Actually i found issue is not with flask_cors config. I displayed flask_cors logs and enabled python debug. Angular is missing some headers which python fetches using request.headers.get(); it is throwing CORS error. Angular interceptor skipping these headers. Reported CORS resolved after sending these headers. Logic is getting executed , but hitting another CORS issue calling Azure AD from Flask API which seems different issue. Will open new thread for this – Mohan Rayapuvari Aug 10 '20 at 01:55