Closed StevenPG closed 6 years ago
Sorry to hear about this, I'll take a look today when I'm off work and help you get it sorted out.
On Dec 19, 2017 10:14 AM, "Steven Gantz" notifications@github.com wrote:
Any usage breaks the entire API.
I have the following setup falcon==1.3.0 falcon-cors==1.1.7 gunicorn==19.7.1 json-logging-py==0.2
I am able to specify the "allow_origins_list" for localhost, but when I attempt to use a VM, the IP address is not constant and is sometimes different when accessed outside the corporate network.
If I attempt to add the allow_all_origins header into the CORS call, the app is unresponsive and will not accept any connections. The same thing occurs if I try to place a wildcard into the allow_origins_list.
I also cannot place the cors=public_cors call within any of my Resource objects. If I add a cors variable that links to the CORS() call at all, I can't make a connection to any of the Resource objects. Even if the IPs are listed in the allow_origins_list.
Here are the needed excerpts of code: ` """ Falcon CORS for external testing and external access """ from falcon_cors import CORS ... public_cors = CORS(allow_origins_list=['http://localhost:3000'], allow_all_headers=True, allow_all_methods=True) ... class AuthDataResource: """ Falcon Authentication Resource """
This is where if I try to add cors=public_cors I cannot access this or any other resource
def on_get(self, req, res): """ Handle incoming GET requests, return relevant info """ json = { 'version': VERSION, 'status': falcon.HTTP_200 } logger.info(req) res.media = json res.status = falcon.HTTP_200 logger.info(res)
... Falcon Application Instantiation with cors middleware
API = application = falcon.API(middleware=[cors.middleware]) API.add_route('/api/v1/version', AuthDataResource()) API.add_route('/api/v1/auth', APIAuthenticationResource()) API.add_route('/api/v1/ui/auth', BasicAuthenticationResource()) API.add_route('/api/v1/auth/getToken', GetTokenAuthenticationResource()) `
I'm just really lost and the documentation or issues don't not anything like this. I'm building out a pretty decent sized API and I love using falcon, but this is a huge hang-up so far.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/lwcolton/falcon-cors/issues/8, or mute the thread https://github.com/notifications/unsubscribe-auth/ABWuLhZFpjd_Cj_9CBBMpkLJ3ouTnYxxks5tB-D8gaJpZM4RHMy- .
Thanks @lwcolton , I've recreated the issue with other services as well.
Can you use cURL or a similar http client to hit your endpoint outside of the browser, with CORS enabled, and see what happens?
On Dec 19, 2017 12:40 PM, "Steven Gantz" notifications@github.com wrote:
Thanks @lwcolton https://github.com/lwcolton , I've recreated the issue with other services as well.
— You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub https://github.com/lwcolton/falcon-cors/issues/8#issuecomment-352848591, or mute the thread https://github.com/notifications/unsubscribe-auth/ABWuLhUIxn41H8RRwZR6qHK6M_YdHbxfks5tCAMmgaJpZM4RHMy- .
Sorry for the delay, with CORS enabled, everything works for Postman, but fails from cURL and my ReactJS application. With Falcon_cors implemented, the same thing occurs. The failure is "Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response."
The other one is the typical CORS one, URL not allowed due to origin.
Another team member ran their changes through our full CI/CD suite so I'm reverting some stuff in a test environment. It's always working from Postman and a web browser though.
Edit: It is working fine through cURL and Postman now that everything is back to how it was with falcon_cors setup. Still getting Content Type issue and origin errors from ReactJs App.
Ok I have to apologize, I think I misread your readthedocs page...
I've gotten it working, and I had to include the single whitelisted URL.
This is the winning configuration:
cors = CORS(allow_origins_list=['http://localhost:3000'])
api = falcon.API(middleware=[cors.middleware])
public_cors = CORS(allow_all_origins=True, allow_all_methods=True, allow_all_headers=True)
When I remove localhost:3000 (which isn't where I'm hitting it from), then Content-Type issue appears and if I try to specify any specific headers, methods, or origins I seem to run into problems.
I even tried copying the request methods and headers into the response.
Thank you for building this library, sorry to waste some time!!
No worries let me know if you still have issues happy to help even if it doesn't end up being a bug in falcon-cors
On Dec 19, 2017 1:14 PM, "Steven Gantz" notifications@github.com wrote:
Closed #8 https://github.com/lwcolton/falcon-cors/issues/8.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/lwcolton/falcon-cors/issues/8#event-1394784583, or mute the thread https://github.com/notifications/unsubscribe-auth/ABWuLiPbE_PDkjWpnhuGidKoeq8-WEX0ks5tCAsXgaJpZM4RHMy- .
Any usage breaks the entire API.
I have the following setup falcon==1.3.0 falcon-cors==1.1.7 gunicorn==19.7.1 json-logging-py==0.2
I am able to specify the "allow_origins_list" for localhost, but when I attempt to use a VM, the IP address is not constant and is sometimes different when accessed outside the corporate network.
If I attempt to add the allow_all_origins header into the CORS call, the app is unresponsive and will not accept any connections. The same thing occurs if I try to place a wildcard into the allow_origins_list.
I also cannot place the
cors=public_cors
call within any of my Resource objects. If I add a cors variable that links to theCORS()
call at all, I can't make a connection to any of the Resource objects. Even if the IPs are listed in the allow_origins_list.Here are the needed excerpts of code: ` """ Falcon CORS for external testing and external access """ from falcon_cors import CORS ... public_cors = CORS(allow_origins_list=['http://localhost:3000'], allow_all_headers=True, allow_all_methods=True) ... class AuthDataResource: """ Falcon Authentication Resource """
This is where if I try to add cors=public_cors I cannot access this or any other resource
...
Falcon Application Instantiation with cors middleware
API = application = falcon.API(middleware=[cors.middleware]) API.add_route('/api/v1/version', AuthDataResource()) API.add_route('/api/v1/auth', APIAuthenticationResource()) API.add_route('/api/v1/ui/auth', BasicAuthenticationResource()) API.add_route('/api/v1/auth/getToken', GetTokenAuthenticationResource()) `
I'm just really lost and the documentation or issues don't not anything like this. I'm building out a pretty decent sized API and I love using falcon, but this is a huge hang-up so far.