odoo-rest-api
odoo-rest-api copied to clipboard
yezyilomo
Cors help?
http://localhost:8069/api/project.budget/ 405 (METHOD NOT ALLOWED) Access to XMLHttpRequest at 'http://localhost:8069/api/project.budget/' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I've made a vue app but when I want to create of records I got cors error
createProject() { const endpoint = 'http://localhost:8069/api/project.budget/' axios .post(endpoint, this.project, { headers: { session_id: '7951526a5f73527a5c1a7f4e21166d3844c3ddfc' } }) .then((response) => { console.log(response) }) }
You might need to proxy the odoo endpoint. Check this stackoverflow problem:
https://stackoverflow.com/questions/57969766/not-able-to-set-proxy-port-in-my-vue-js-app
I have the same problem, is there any solution ?, I already add cors = "*" to the controller but it doesn't work
I Added nginx proxy front of odoo. Thats the solution.
Could can share it please. @pumppi
Example code for docker nginx template. Nginx is front of odoo docker instance.
`events { worker_connections 1024; }
http {
client_max_body_size 500M; proxy_connect_timeout 900; proxy_send_timeout 900; proxy_read_timeout 900; send_timeout 900;
#All the other odoo requests upstream odoo { server ${HOST_TO_PROXY}:8069;
} #Odoo multiple workers enabled then redirect to here upstream longpolling { server ${HOST_TO_PROXY}:8072; }
log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
server { listen 8080; server_name localhost;
access_log /var/log/nginx/access.log upstreamlog;
#Todo could be added other enviroments
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'Access-Control-Allow-Credentials,Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, X-Openerp-Session-Id';
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
location / {
proxy_pass http://odoo;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_cookie_path / "/; secure; HttpOnly; SameSite=none";
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Headers' 'Access-Control-Allow-Header,Access-Control-Allow-Credentials,Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,X-Openerp-Session-Id' always;
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH' always;
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
location /longpolling {
proxy_pass http://longpolling;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
} } `