Inside our company's VPN I can call the web service (which is a REST service) fine, on FF and Chrome. I need to connect to it from Angular 2 though. Now, I tried to call the REST service(which is inside VPN) from Angular 2, in several ways, and I am always getting the message about CORS("No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access. The response had HTTP status code 401." in Chrome and "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://webwassvc-test.servizi.gr-u.it/essigEAIM/rest/monitoring/integrations/all?pag=1. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)." in Firefox). I tried setting the about:config:security.fileuri.strict_origin_policy to false, and it didn't help. The sysadmin on the REST server end told me he opened the server for CORS (cross domain) calls, so I think the problem is on my end, but I don't know what can it be. Any advice, please?
UPDATE: I can access the REST service and get the data from it, through PHP as middleware (localhost/angular2_site/file.php), but not from angular directly (localhost:4200).
Another option it's to manage it with a proxy or load balancer.
If you are developing with anuglar-cli you can use the Proxy To Backend support of the angular-cli. --proxy-config
from the angular-cli readme:
Say we have a api server running on http://localhost:3000/api and we want
all calls to http://localhost:4200/api to go to that server.
We create a file next to projects package.json called proxy.conf.json
with the content
{
"/api": {
"target": "http://localhost:3000",
"secure": false
}
}
You can read more about what options are available here
webpack-dev-server proxy settings
and then we edit the package.json file's start script to be
"start": "ng serve --proxy-config proxy.conf.json", now run it with
npm start
So at the end you can call your services as:
getUsers() : Observable<any>{
return this.http.get('/api/users').map(res => res.json());
}
Related
I've built a wee program that works fine when I run it locally. I've deployed the backend to Heroku, and I can access that either by going straight to the URL (http://gymbud-tracker.herokuapp.com/users) or when running the frontend locally. So far so good.
However, when I run npm run-script build and deploy it to Netlify, something goes wrong, and any attempt to access the server gives me the following error in the console:
auth.js:37 Error: Network Error
at e.exports (createError.js:16)
at XMLHttpRequest.p.onerror (xhr.js:99)
The action that is pushing that error is the following, if it is relevant:
export const signin = (formData, history) => async (dispatch) => {
try {
const { data } = await api.signIn(formData);
dispatch({ type: AUTH, data });
history.push("../signedin");
} catch (error) {
console.log(error);
}
};
I've been tearing my hair out trying to work out what is changing when I build and deploy, but cannot work it out.
As I say, if I run the front end locally then it access the Heroku backend no problem - no errors, and working exactly as I'd expect. The API call is correct, I believe: const API = axios.create({baseURL: 'http://gymbud-tracker.herokuapp.com/' });
I wondered if it was an issue with network access to the MongoDB database that Heroku is linked to, but it's open to "0.0.0.0/0" (I've not taken any security precautions yet, don't kill me!). The MDB database is actually in the same collection as other projects I've used, that haven't had this problem at all.
Any ideas what I need to do?
The front end is live here: https://gym-bud.netlify.app/
And the whole thing is deployed to GitHub here: https://github.com/gordonmaloney/gymbud
Your issue is CORS (Cross-Origin Resource Sharing). When I visit your site and inspect the page, I see the following error in the JavaScript console which is how I know this:
This error essentially means that your public-facing application (running live on Netlify) is trying to make an HTTP request from your JavaScript front-end to your Heroku backend deployed on a different domain.
CORS dictates which requests from a frontend application are ALLOWED to make a request to your backend API.
What you need to do to fix this is to modify your Heroku application and have it return the appropriate Access-Control-Allow-Origin header. This article on MDN explains the header and how you can use it.
Here's a simple example of the header you could set on your Heroku backend to allow this to work:
Access-Control-Allow-Origin: *
Please be sure to read the MDN documentation, however, as this example will allow any front-end application to make requests to your Heroku backend when in reality, you'll likely want to restrict it to just the front-end domains you build.
God I feel so daft, but at least I've worked it out.
I looked at the console on a different browser (Edge), and it said it was blocking it because it was mixed origin, and I realised I had just missed out the s in the https on my API call, so it wasn't actually a cors issue (I don't think?), but just a typo on my part!
So I changed:
const API = axios.create({baseURL: 'http://gymbud-tracker.herokuapp.com' });
To this:
const API = axios.create({baseURL: 'https://gymbud-tracker.herokuapp.com' });
And now it is working perfectly ☺️
Thanks for your help! Even if it wasn't the issue here, I've definitely learned a lot more about cors on the way, so that's good
In my Ionic 4 Angular project I get the following error when requesting a json file from a server in my iOS simulator.
XMLHttpRequest cannot load https://myServer.com/api due to access control checks.
cordova.js:1540
Failed to load resource: Origin ionic://localhost is not allowed by Access-Control-Allow-Origin.
In the Chrome Browser with Access-Controls-origin plugin I do not get the error. How can I fix this issue?
You need to add ("Access-Control-Allow-Origin", '*') header at the requested resource.
Follow this link - 3 Ways to Fix the CORS Error — and How the Access-Control-Allow-Origin Header Works. The first option (install the moesif CORS extension) worked for me.
CORS errors are common in web apps when a cross-origin request is made but the server doesn't return the required headers in the response (is not CORS-enabled). It only happens when you're running the app from your localhost for testing purposes.
I am trying to consume a rest webservice (invoked by Talend Open Studio for ESB job) in an angular2 application but when i run my application, i get this error :
XMLHttpRequest cannot load http://localhost:8088/. No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost:3000' is therefore not allowed
access.
When I have this issue and i cant do nothing in server, i just use concurrently and corsproxy like dev dependencies in my package.
"concurrently"
"corsproxy"
and add this script to package:
"dev": "concurrently --kill-others 'corsproxy' 'ng serve -o'"
Now you need configure your angular project to make request to the proxy, in my case I add this line to my enviroments file:
apiBaseUrl: 'http://localhost:1337/serverUrlApi'
And in my Http interceptor add this line to all my request.
I just imported a Symfony project from GitHub to Intellij IDEA. I used the usual method : https://www.jetbrains.com/help/phpstorm/2016.2/cloning-a-repository-from-github.html
Now I want to update composer and start working. But when I type the command line :
composer update
I got this error :
your configuration does not allow connections to http://packagist.org/packages.json...
And I can't continue. Please where I'm wrong ?
Newer versions of Composer do not allow connections via unsecured HTTP anymore by default:
Defaults to true. If set to true only HTTPS URLs are allowed to be downloaded via Composer. If you really absolutely need HTTP access to something then you can disable it, but using Let's Encrypt to get a free SSL certificate is generally a better alternative.
Source
To resolve this, make sure to use HTTPS to connect to the repositories, or change your Composer config.
If your resource URL is secured (using ssl) add https:// in front of your URL.
If you want to allow not secured connection add:
"config": {
"secure-http": false
},
in your composer.json
warning: Please note that is always a good practice to use ssl certificates and allow only secured connections.
I'm working on an ionic apps.
My problem is: when I try to get data from server I got this:
XMLHttpRequest cannot load https://mywebsite.com/api. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.
I already try to add this to .htaccess:
<ifModule mod_headers.c>
Header set Access-Control-Allow-Origin: *
</ifModule>
And this to my api page (PHP): header('Access-Control-Allow-Origin: *');
but still not working
$http.get(url).success(function(response) {...}
Put it on top of your PHP file like:
<?php
header("Access-Control-Allow-Origin: *");
// then your stuff goes here
?>
Note: as with all uses of the PHP header function, this must be before any output has been sent from the server.
This cors problem has a simple work around in ionic.
Go to your ionic.config.json (previously ionic.project) and add a proxy for example:
{
"name": "proxy-example",
"app_id": "",
"proxies": [
{
"path": "/api",
"proxyUrl": "http://cors.api.com/api"
}
]
}
After that use "/api/" instead of "https://mywebsite.com/api" when you call your api.
For more info:
http://blog.ionic.io/handling-cors-issues-in-ionic/
This is a typical error found when we work with Angular and Ionic, the problem appears because when your app loaded in a browser on your app loads all the content from an origin that comes from your local address http://localhost:8100, then when you want to make any AJAX request sent out to another host than localhost:8100 the request is called from an any point different from the origin its require a CORS(Cross Origin Resource Sharing) preflight request to see if it can access the resource.
The solution is use a Proxy To Backend, with this you can highjack certain urls and send them to a backend server. The implementation is easy:
1.- Modify the file ionic.config.json in the root folder of your project.
2.- Configure your proxy, inside your ionic.config.json file put this, assuming your new host is in http://localhost:3000.
"proxies": [
{
"path": "/endpoints",
"proxyUrl": "http://localhost:3000"
}
]
3.- In your Service change a little the path of your request from this http://localhost:3000/endpoints/any/path/that/you/use to this ../endpoints/any/path/that/you/use(assuming the another host is in localhost:3000 and the context is /endpoints)
If you need more information about this please check http://blog.ionic.io/handling-cors-issues-in-ionic/
premise: This issue is usually only running ionic serve, or using ionic as web app, not in ionic as app.
You can avoid to modify your project and use an extension to disable CORS:
For developing with chrome, something like this:
https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi/related
or, if you need it for firefox, something like this:
https://addons.mozilla.org/en-US/firefox/addon/cors-everywhere/
IE and Edge sucks so for these you have to manually disable CORS in settings