Comments (29)
Fixed by #160
from aiohttp-cors.
I'm faced with this issue with POST requests and CORS also, but everything works fine with this code:
from aiohttp_cors import setup as cors_setup, ResourceOptions
...
routes = [
web.get("/", handle),
web.post("/something", another_handle),
]
app.router.add_routes(routes)
cors = cors_setup(
app,
defaults={
"*": ResourceOptions(
allow_credentials=True, expose_headers="*", allow_headers="*",
)
},
)
for route in list(app.router.routes()):
cors.add(route)
Versions: aiohttp
3.6.2 and aiohttp-cors
0.7.0
Maybe this will help someone else with this issue.
from aiohttp-cors.
Guys, the library has several technical debts.
I've converted all tests to pytest fixtures usage and replaced yield from
with async/await
syntax.
Next thing is getting rid of special flag for aiohttp.web.View
support in favor of isinstance
check.
After getting this done the code will be ready to adopting to aiohttp 3.
I expect to find a time for it in a week.
from aiohttp-cors.
Thanks for remember.
Yesterday travis was overwhelmed, I forgot to initiate a new release building procedure.
Done
from aiohttp-cors.
Actually with the following code CORS doesn't work even for 2.3.10:
for resource in app.router.resources():
cors.add(resource)
from aiohttp-cors.
Route definition:
@routes.post('/api/users')
async def create_user(request: Request):
return web.json_response(status=web.HTTPCreated.status_code)
from aiohttp-cors.
We have the issue here, have you found a workaround?
from aiohttp-cors.
Ok thanks for your answer!
from aiohttp-cors.
I hate to be that guy, but will there be a new release to PyPI? I see there was a commit to bump the version, but I don't see it published yet. Thanks :)
from aiohttp-cors.
Having following error:
CORS preflight request failed: request method 'POST' is not allowed for 'http://example.com' origin
with:
aiohttp==3.0.9
aiohttp-cors==0.7.0
same code works for aiohttp 2 and aiohttp-cors 0.6.0. Is there real example of adding routes to cors that do work and was tested?
from aiohttp-cors.
Here resource_config.method_config
is an empty dict. So if not setting default allow_methods to '*' globally - requests do not work with CORS
from aiohttp-cors.
btw. Adding to cors with both methods doesn't help:
for resource in app.router.resources():
cors.add(resource)
for route in list(app.router.routes()):
if not isinstance(route.resource, StaticResource): # <<< WORKAROUND
cors.add(route)
from aiohttp-cors.
The same for me. Rolled back to aiohttp 2 and aiohttp_cors 0.6.0
from aiohttp-cors.
Same here. aiohttp 2.0 + aiohttp-cors 0.6.0 seems to be a good solution for now.
from aiohttp-cors.
Guys, if somebody wants to provide a PR -- you are welcome.
I'm convinced that the problem exists but have no estimation for the fix.
from aiohttp-cors.
@asvetlov I'll try to look into it over the weekend. Btw, for me, this only happens on localhost, all other places work fine.
from aiohttp-cors.
Cool!
from aiohttp-cors.
I could make some progress to solve this problem.
This problem happens when you tried to name all routes as it recommended by Swagger notation.
And I do not find any fast solution to fix it.
Script to reproduce this problem:
import asyncio
import aiohttp
import aiohttp_cors
from aiohttp.web_runner import GracefulExit
async def handler(request):
return aiohttp.web.Response(
text="Hello!",
headers={
"X-Custom-Server-Header": "Custom data",
})
app = aiohttp.web.Application()
cors = aiohttp_cors.setup(app, defaults={
"http://request-from": aiohttp_cors.ResourceOptions(
allow_credentials=True,
expose_headers="*",
allow_headers="*",
),
})
routes = [{
'method': 'GET',
'path': '/test',
'handler': handler,
'name': 'test-good'
}, {
'method': 'POST',
'path': '/test',
'handler': handler,
'name': 'test-good'
}, {
'method': 'GET',
'path': '/test-bad',
'handler': handler,
'name': 'test-bad-get'
}, {
'method': 'POST',
'path': '/test-bad',
'handler': handler,
'name': 'test-bad-post'
}, ]
for route in routes:
cors.add(
app.router.add_route(
method=route['method'],
path=route['path'],
handler=route['handler'],
name=route['name']
)
)
loop = asyncio.get_event_loop()
handler = app._make_handler()
server = loop.run_until_complete(
loop.create_server(
handler,
host='localhost',
port='8081'
)
)
try:
loop.run_forever()
except (GracefulExit, KeyboardInterrupt):
pass
finally:
loop.stop()
GET
and POST
for /test
works perfect.
GET
and POST
for /test-bad
isn't work as expected.
For self._resource_config
at
we will get some thing like that:
{
<PlainResource 'test-bad-get' /test-bad>: instance(_ResourceConfig):
default_config: {
},
method_config: {
'GET': {
},
}
<PlainResource 'test-bad-post' /test-bad>: instance(_ResourceConfig):
default_config: {
},
method_config: {
'POST': {
},
}
<PlainResource 'test-good' /test>: instance(_ResourceConfig):
default_config: {
},
method_config: {
'GET': {
},
'POST': {
},
}
}
But for OPTION request to url /test-bad resource
nether with Access-Control-Request-Method
set to 'GET' or 'POST' at
will return every time:
<PlainResource 'test-bad-get' /test-bad>
So we try to find method POST
in <PlainResource 'test-bad-get' /test-bad>
node of self._resource_config
and couldn't as it designed.
from aiohttp-cors.
That's interesting.
Technically test-bad-get
and test-bad-post
are the same resource which always returns the same URL in url_for()
.
Perhaps aiohttp should raise a warning on trying to add the same URL pattern under different names.
Would be nice to fix aiohttp-cors
to correctly process this case as well maybe but I not sure how complex the fix is.
from aiohttp-cors.
I have this problem also. I'm keeping with aiohttp 2.3.10. Thanks.
from aiohttp-cors.
aiohttp-3.3.2 + aiohttp-cors-0.7.0 works fine too! <3
from aiohttp-cors.
Hey guys ! I think i have the same issue. @valentinmk did you find a workaround ?
from aiohttp-cors.
@TTRh I used the above mentioned versions and it worked. Unfortunately I was not able to make it work with the latest version.
from aiohttp-cors.
from aiohttp-cors.
Hum only rollbacking to aiohttp 2 worked for me :/
from aiohttp-cors.
def setup_routes(app): app.router.add_routes(routes) setup_swagger(app, api_base_url='/', swagger_url='/api/doc', description='API testing interface', title='API', api_version='2.0.0') cors = aiohttp_cors.setup(app, defaults={ "*": aiohttp_cors.ResourceOptions( allow_credentials=True, expose_headers="*", allow_headers="*", ) }) for route in list(app.router.routes()): if not isinstance(route.resource, StaticResource): # <<< WORKAROUND cors.add(route)
This code worked for me with aiohttp 3.5.4, aiohttp-cors 0.7.0
from aiohttp-cors.
up)
same problems with aiohttp 3.6.2 and aiohttp-cors 0.7.0
from aiohttp-cors.
Pull Request for aiohttp-cors is welcome!
from aiohttp-cors.
from aiohttp_cors import setup as cors_setup, ResourceOptions
thanks it's work for me
from aiohttp-cors.
Related Issues (20)
- Wildcard ports for localhost HOT 5
- method '*' treated differently from others HOT 9
- What is the best way to grant CORS for all subdomains dynamically? HOT 6
- Cors and IOS Safari HOT 3
- Only 1 is allowed HOT 1
- thx for password and key to pypi HOT 1
- Python 3.8 test_static_resource failure: TypeError: issubclass() arg 1 must be a class
- DeprecationWarnings with Python 3.8: "@coroutine" decorator
- cant import aiohttp_cors HOT 1
- python3.7 HOT 3
- Does this project follow semver? HOT 1
- Dependabot couldn't authenticate with https://pypi.python.org/simple/
- Routing hierarchy confusion with CORs
- Should aiohttp-cors add a Vary: Origin when emitting a access-control-allow-origin? HOT 1
- 0.7.0 + master: pytest is failing HOT 2
- Is it possible to return `Access-Control-Allow-Origin: *` in response to preflight request instead of existing `Origin` header?
- Regex domains
- Lets through Postman / Curl requests HOT 2
- Let's put `aiohttp-cors` under the `aio-libs` org on PyPI
- How can I enforce CORS despite middlewares?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aiohttp-cors.