When you launch an ajax call to the REST API, you are getting blocked by CORS because there is a missing header.
What I Did
Create an dataset.
Launch the worker to populate the database.
Start an ATM API server.
Launch an ajax GET call to the API.
Then you are being blocked by CORS policy:
Access to XMLHttpRequest at 'http://127.0.0.1:5000/api/datasets/1' from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Solution
In order to solve this problem, CORS headers for Access-Control-Allow-Origin and Access-Control-Allow-Credentials must be added to the response for each request:
# Allow the CORS header
@app.after_request
def add_cors_headers(response):
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Credentials'] = 'true'
return response
Description
When you launch an
ajaxcall to the REST API, you are getting blocked byCORSbecause there is a missing header.What I Did
dataset.ajaxGET call to theAPI.Then you are being blocked by
CORS policy:Solution
In order to solve this problem,
CORSheaders for Access-Control-Allow-Origin and Access-Control-Allow-Credentials must be added to the response for each request: