search

colymba / silverstripe-restfulapi

SilverStripe RESTful API with a default JSON serializer.
BSD 3-Clause "New" or "Revised" License
64 stars 33 forks source link

CORS not working - Question really #106

Open nimeso opened 4 years ago

nimeso commented 4 years ago

I have the following domains: http://app.arvrlab.org.nz (the origin domain requesting from the API) http://cms.arvrlab.org.nz (the Silverstripe CMS and API)

I get the following CORS errors:

Access to XMLHttpRequest at 'http://cms.arvrlab.org.nz/api/Member/743' from origin 'http://app.arvrlab.org.nz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

My config yml looks like:

RESTfulAPI:
  authentication_policy: true
  dependencies:
    authenticator: '%$RESTfulAPI_TokenAuthenticator'
  embedded_records:
    'Quest':
      - 'Tasks'
    'Member':
      - 'AraCourses'
  cors:
    Enabled: true
    Allow-Origin: 'http://app.arvrlab.org.nz'
    Allow-Headers: '*'
    Allow-Methods: 'OPTIONS, GET, PUT, POST, PATCH, DELETE'
    Max-Age: 86400

I've tried:

RESTfulAPI:
  authentication_policy: true
  dependencies:
    authenticator: '%$RESTfulAPI_TokenAuthenticator'
  embedded_records:
    'Quest':
      - 'Tasks'
    'Member':
      - 'AraCourses'
  cors:
    Enabled: true
    Allow-Origin: '*'
    Allow-Headers: '*'
    Allow-Methods: 'OPTIONS, GET, PUT, POST, PATCH, DELETE'
    Max-Age: 86400

As well (dev/build) done each time. But still having no luck at all?

Any ideas? Sorry, I'm not the best dev on the block so maybe I'm just missing something simple?

Cheers Jamie

thats4shaw commented 2 years ago

Did you get to the bottom of this @nimeso?