flask-cors
flask-cors copied to clipboard
corydolphin
Access to XMLHttpRequest at 'http://...' from origin 'http://localhost:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
I'm getting the following error when using axios in redux-saga in react to post a multipart/form-data:
Access to XMLHttpRequest at 'http://...' from origin 'http://localhost:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
My Flask-CORS config is dead simple:
app = flask.Flask(__name__)
flask_cors.CORS(app)
I see nothing in the docs referencing any non-default options to pass preflight checks for origin '*'. I'm not using cookies. What am I missing?
I am getting the same issue. I tried using supports_credentials , expose_headers , allow_headers. Nothing seems to help.
We are getting the same issue, any update on this, it happens randomly
I have hit the same issue recently, and at last I found it was caused by the unmatch of request url. For example, at flask, I claim a url as this
@app.route('/user/', methods=['GET'])
but the url frontend requesting is '/user',this will cause the flask returned a 308 redirect response which is not allowed by Cors preflight request.
So the conclusion is making the backend url and frontend url stricly match will solve the problem. I hope this helps.
I have hit the same issue recently, and at last I found it was caused by the unmatch of request url. For example, at flask, I claim a url as this
@app.route('/user/', methods=['GET'])but the url frontend requesting is '/user',this will cause the flask returned a 308 redirect response which is not allowed by Cors preflight request.
So the conclusion is making the backend url and frontend url stricly match will solve the problem. I hope this helps.
You can also try @app.route('/user/', methods=['GET'], strict_slashes=False) to make this work without getting the 308 response.
I have hit the same issue recently, and at last I found it was caused by the unmatch of request url. For example, at flask, I claim a url as this
@app.route('/user/', methods=['GET'])but the url frontend requesting is '/user',this will cause the flask returned a 308 redirect response which is not allowed by Cors preflight request. So the conclusion is making the backend url and frontend url stricly match will solve the problem. I hope this helps.
You can also try
@app.route('/user/', methods=['GET'], strict_slashes=False)to make this work without getting the 308 response.
for app wide configuration of this try:
app.url_map.strict_slashes = False
Thanks for the solution @hans2520 , that led me to this solution I found elsewhere.
I have hit the same issue recently, and at last I found it was caused by the unmatch of request url. For example, at flask, I claim a url as this
@app.route('/user/', methods=['GET'])but the url frontend requesting is '/user',this will cause the flask returned a 308 redirect response which is not allowed by Cors preflight request.
So the conclusion is making the backend url and frontend url stricly match will solve the problem. I hope this helps.
I hope more people see your response, there is several links and issues open about this problem and none of them mention this. This solve my problem.
I started to get this error after migrating my api's to blueprints, and didn't notice that the path was different.
Thank you.
