Problems with aiohttp 3.0.1 about aiohttp-cors HOT 29 OPEN

Fixed by #160

from aiohttp-cors.

I'm faced with this issue with POST requests and CORS also, but everything works fine with this code:

from aiohttp_cors import setup as cors_setup, ResourceOptions

...

routes = [
    web.get("/", handle),
    web.post("/something", another_handle),
]

app.router.add_routes(routes)

cors = cors_setup(
    app,
    defaults={
        "*": ResourceOptions(
            allow_credentials=True, expose_headers="*", allow_headers="*",
        )
    },
)

for route in list(app.router.routes()):
    cors.add(route)

Versions: aiohttp 3.6.2 and aiohttp-cors 0.7.0

Maybe this will help someone else with this issue.

from aiohttp-cors.

Guys, the library has several technical debts.
I've converted all tests to pytest fixtures usage and replaced yield from with async/await syntax.
Next thing is getting rid of special flag for aiohttp.web.View support in favor of isinstance check.
After getting this done the code will be ready to adopting to aiohttp 3.
I expect to find a time for it in a week.

from aiohttp-cors.

Thanks for remember.
Yesterday travis was overwhelmed, I forgot to initiate a new release building procedure.
Done

from aiohttp-cors.

Actually with the following code CORS doesn't work even for 2.3.10:

    for resource in app.router.resources():
        cors.add(resource)

from aiohttp-cors.

Route definition:

@routes.post('/api/users')
async def create_user(request: Request):
    return web.json_response(status=web.HTTPCreated.status_code)

from aiohttp-cors.

We have the issue here, have you found a workaround?

from aiohttp-cors.

Ok thanks for your answer!

from aiohttp-cors.

I hate to be that guy, but will there be a new release to PyPI? I see there was a commit to bump the version, but I don't see it published yet. Thanks :)

from aiohttp-cors.

Having following error:

CORS preflight request failed: request method 'POST' is not allowed for 'http://example.com' origin

with:
aiohttp==3.0.9
aiohttp-cors==0.7.0

same code works for aiohttp 2 and aiohttp-cors 0.6.0. Is there real example of adding routes to cors that do work and was tested?

from aiohttp-cors.

https://github.com/aio-libs/aiohttp-cors/blob/master/aiohttp_cors/urldispatcher_router_adapter.py#L296

Here resource_config.method_config is an empty dict. So if not setting default allow_methods to '*' globally - requests do not work with CORS

from aiohttp-cors.

btw. Adding to cors with both methods doesn't help:

    for resource in app.router.resources():
        cors.add(resource)

    for route in list(app.router.routes()):
        if not isinstance(route.resource, StaticResource):  # <<< WORKAROUND
            cors.add(route)

from aiohttp-cors.

The same for me. Rolled back to aiohttp 2 and aiohttp_cors 0.6.0

from aiohttp-cors.

Same here. aiohttp 2.0 + aiohttp-cors 0.6.0 seems to be a good solution for now.

from aiohttp-cors.

Guys, if somebody wants to provide a PR -- you are welcome.
I'm convinced that the problem exists but have no estimation for the fix.

from aiohttp-cors.

@asvetlov I'll try to look into it over the weekend. Btw, for me, this only happens on localhost, all other places work fine.

from aiohttp-cors.

Cool!

from aiohttp-cors.

I could make some progress to solve this problem.
This problem happens when you tried to name all routes as it recommended by Swagger notation.
And I do not find any fast solution to fix it.
Script to reproduce this problem:

import asyncio
import aiohttp
import aiohttp_cors
from aiohttp.web_runner import GracefulExit


async def handler(request):
    return aiohttp.web.Response(
        text="Hello!",
        headers={
            "X-Custom-Server-Header": "Custom data",
        })

app = aiohttp.web.Application()

cors = aiohttp_cors.setup(app, defaults={
    "http://request-from": aiohttp_cors.ResourceOptions(
            allow_credentials=True,
            expose_headers="*",
            allow_headers="*",
        ),
    })

routes = [{
    'method': 'GET',
    'path': '/test',
    'handler': handler,
    'name': 'test-good'
    }, {
    'method': 'POST',
    'path': '/test',
    'handler': handler,
    'name': 'test-good'
    }, {
    'method': 'GET',
    'path': '/test-bad',
    'handler': handler,
    'name': 'test-bad-get'
    }, {
    'method': 'POST',
    'path': '/test-bad',
    'handler': handler,
    'name': 'test-bad-post'
    }, ]
for route in routes:
    cors.add(
        app.router.add_route(
            method=route['method'],
            path=route['path'],
            handler=route['handler'],
            name=route['name']
        )
    )
loop = asyncio.get_event_loop()
handler = app._make_handler()
server = loop.run_until_complete(
    loop.create_server(
        handler,
        host='localhost',
        port='8081'
    )
)

try:
    loop.run_forever()
except (GracefulExit, KeyboardInterrupt):
    pass
finally:
    loop.stop()

GET and POST for /test works perfect.
GET and POST for /test-bad isn't work as expected.

For self._resource_config at

{
  <PlainResource 'test-bad-get'  /test-bad>: instance(_ResourceConfig):
    default_config: {
    },
    method_config: {
      'GET': {
      },
    }
  <PlainResource 'test-bad-post'  /test-bad>: instance(_ResourceConfig):
    default_config: {
    },
    method_config: {
      'POST': {
      },
    }
  <PlainResource 'test-good'  /test>: instance(_ResourceConfig):
    default_config: {
    },
    method_config: {
      'GET': {
      },
      'POST': {
      },
    }
}

But for OPTION request to url /test-bad resource nether with Access-Control-Request-Method set to 'GET' or 'POST' at

<PlainResource 'test-bad-get'  /test-bad>

So we try to find method POST in <PlainResource 'test-bad-get' /test-bad> node of self._resource_config and couldn't as it designed.

from aiohttp-cors.

That's interesting.
Technically test-bad-get and test-bad-post are the same resource which always returns the same URL in url_for().
Perhaps aiohttp should raise a warning on trying to add the same URL pattern under different names.

Would be nice to fix aiohttp-cors to correctly process this case as well maybe but I not sure how complex the fix is.

from aiohttp-cors.

I have this problem also. I'm keeping with aiohttp 2.3.10. Thanks.

from aiohttp-cors.

aiohttp-3.3.2 + aiohttp-cors-0.7.0 works fine too! <3

from aiohttp-cors.

Hey guys ! I think i have the same issue. @valentinmk did you find a workaround ?

from aiohttp-cors.

@TTRh I used the above mentioned versions and it worked. Unfortunately I was not able to make it work with the latest version.

from aiohttp-cors.

from aiohttp-cors.

Hum only rollbacking to aiohttp 2 worked for me :/

from aiohttp-cors.

def setup_routes(app):
    app.router.add_routes(routes)
    setup_swagger(app,
                  api_base_url='/',
                  swagger_url='/api/doc',
                  description='API testing interface',
                  title='API',
                  api_version='2.0.0')

    cors = aiohttp_cors.setup(app, defaults={
        "*": aiohttp_cors.ResourceOptions(
            allow_credentials=True,
            expose_headers="*",
            allow_headers="*",
        )
    })

    for route in list(app.router.routes()):
        if not isinstance(route.resource, StaticResource):  # <<< WORKAROUND
            cors.add(route)

This code worked for me with aiohttp 3.5.4, aiohttp-cors 0.7.0

from aiohttp-cors.

up)
same problems with aiohttp 3.6.2 and aiohttp-cors 0.7.0

from aiohttp-cors.

Pull Request for aiohttp-cors is welcome!

from aiohttp-cors.

from aiohttp_cors import setup as cors_setup, ResourceOptions

thanks it's work for me

from aiohttp-cors.