When you launch an ajax call to the REST API, you are getting blocked by CORS because there is a missing header.
What I Did
Create an dataset.
Launch the worker to populate the database.
Start an ATM API server.
Launch an ajax GET call to the API.
Then you are being blocked by CORS policy:
Access to XMLHttpRequest at 'http://127.0.0.1:5000/api/datasets/1' from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Solution
In order to solve this problem, CORS headers for Access-Control-Allow-Origin and Access-Control-Allow-Credentials must be added to the response for each request:
# Allow the CORS header
@app.after_request
def add_cors_headers(response):
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Credentials'] = 'true'
return response
Description
When you launch an
ajax
call to the REST API, you are getting blocked byCORS
because there is a missing header.What I Did
dataset
.ajax
GET call to theAPI
.Then you are being blocked by
CORS policy
:Solution
In order to solve this problem,
CORS
headers for Access-Control-Allow-Origin and Access-Control-Allow-Credentials must be added to the response for each request: