oncall icon indicating copy to clipboard operation
oncall copied to clipboard

Published 20 hours ago verified publisher icon linkedin

falcon_cors:Aborting response due to origin not allowed

Open osalmasan opened this issue 7 years ago • 3 comments

I encounter this error during login Aborting response due to origin not allowed INFO:falcon_cors:Aborting response due to origin not allowed 2018-08-16 18:05:37,764 INFO falcon_cors Aborting response due to origin not allowed 2018-08-16 18:05:37,764 falcon_cors INFO Aborting response due to origin not allowed 192.168.1.5 - - [16/Aug/2018:18:05:37 +0800] "POST /login HTTP/1.1" 400 84 "http://192.168.1.7:8080/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"

osalmasan avatar Aug 16 '18 10:08 osalmasan

config/config.yaml file `server: host: 192.168.1.7 port: 8080 oncall_host: http://192.168.1.7:8080 metrics: dummy db: conn: kwargs: scheme: mysql+pymysql host: 127.0.0.1 database: oncall charset: utf8 echo: True str: "%(scheme)s://%(user)s:%(password)s@%(host)s/%(database)s?charset=%(charset)s" kwargs: pool_recycle: 3600 healthcheck_path: /tmp/status

Keys for encrypting/signing session cookies.

Change to random long values in production.

session: encrypt_key: 'abc' sign_key: '123'

Debug mode toggle. Disable in production.

Debug mode disables authentication, allows access to debug-only API endpoints

(used for testing), allows HTTP access, and removes some security headers

from responses.

#debug: True

To run Oncall without https, set this value to True

WARNING: use this only for debugging purposes, to avoid sending

usernames and passwords in plain text.

allow_http: True

Pluggable authentication module configuration.

Additional auth modules can be added by implementing the Authenticator

class, with two required methods: init(self, config) and

authenticate(self, username, password)

auth:

debug: True

module: 'oncall.auth.modules.debug' # Auth module where Authenticator is implemented

Example configuration for LDAP-based auth

module: 'oncall.auth.modules.ldap_example' module: 'oncall.auth.modules.ldap_import' # for automatically import user at first connexion `

what could possibly be wrong ? I am not quite familiar with python.

osalmasan avatar Aug 16 '18 10:08 osalmasan

I am encountering the exact same falcon_cors error after each login attempt. However this doesn't seem to be impacting the ability to log in and use Oncall. A strange error for sure, not sure why it is occurring.

This is the log entry in console output right after clicking on the login button...

Aborting response due to origin not allowed
INFO:falcon_cors:Aborting response due to origin not allowed
2018-08-22 15:27:57,232 falcon_cors INFO     Aborting response due to origin not allowed
10.10.10.10 - - [22/Aug/2018:15:27:57 -0400] "POST /login HTTP/1.1" 200 259 "http://oncall:8080/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"

I'm wondering if this has to do with running oncall in dev mode where authentication is basically disabled (in dev mode, any password is accepted).

ghost avatar Aug 22 '18 19:08 ghost

This is actually something I've seen as well, but I'm not sure of the cause. It doesn't seem to affect anything, so I haven't done much digging.

dwang159 avatar Aug 22 '18 19:08 dwang159