I have a problem when I want to create an authentication system using VueJs as the frontend (http://localhost:8080/#/login) and Laravel 5.6 as the backend. When I try to submit login form using the api login url http://127.0.0.1:8000/api/v1/login, I get the error message:
Cross-Origin Request Blocked: The Same Origin Policy disallows
reading the remote resource at http://127.0.0.1:8000/api/v1/login.
(Reason: CORS request did not succeed).
I don't know how to solve this problem.
Could anyone here help me to solve my problem?
NOTE : I have to install laravel-cors before
This is an old question, but I'll reply nonetheless.
For me this error was caused by a self-signed certificate. If you open developer tools, select the network tab, click the call that failed CORS you can see the security tab. Click it to open it. If a cert is giving you problems the text "An error occurred: SEC_ERROR_INADEQUATE_KEY_USAGE" should be visible.
To resolve this just go to the URL that gave you the CORS error, and accept the cert manually.
Cross Origin Resource Sharing is a mechanism that uses additional HTTP headers to tell a browser to allow the web application running on one origin (client) have permission to access selected resources from a server at a different origin.
Basically, your Vue app (http://localhost:8080) needs to be allowed access to your Laravel endpoint (http://127.0.0.1:8000/api/v1/login) This is to prevent me from hitting your Laravel endpoint from my malicious website and acting like an authenticated user.
Based on the docs, you need to add 'allowedOrigins' => ['*'], but that means you're opening up your backend to all requests. That's fine if it's a public API but in this context it doesn't sound like you want that. Instead, in this case it would be 'allowedOrigins' => ['localhost:8080'], so that your Vue app can consume your Laravel server.
You have to use either localhost or 127.0.0.1 for all the requests. In general in your code you should make calls to the server by just appending the URI to the current host, without re-adding the host and port in the URI string. If you load your page from a given host, for example 127.0.0.1 and then try to make an AJAX request to another host, for example www.host.com, the request gets blocked to prevent XSS attacks
It sounds like you are running this in dev mode via webpack currently? If that is correct and your workflow is that you are going to build the Vue application and have it co-reside with your Laravel backend then you just need to update config/index.js to have a proxyTable entry that forwards webpack requests to the correct dev Laravel backend server.
This would look something like this.
module.exports = {
dev: {
proxyTable: {
"/": "http://127.0.0.1:8000/api/v1/login"
}
}
}
There is additional information available on how this works; https://vuejs-templates.github.io/webpack/proxy.html
I was stuck with this error recently while I was trying to get one of our old websites hosted via Azure (App Services) up and running again.
Reason: CORS request did not succeed was the error showing in the browser console, however, it turned that for our case the URL mentioned in the CORS error doesn't exist anymore - its referring to the old https://******.azurewebsites.net service url we had (previous hosted in Azure - App Services).
So also check that the URL mentioned in the CORS-error is in fact working.
In my case the computer was not displaying the correct date and time. When I try to view the page I would get the "CORS request did not succeed." Once I updated to the correct time and date the page displayed normally.
I had to change the base URL of axios. I didn't notice it was https://, not http://
file: src\store\index.js
change the
axios.defaults.baseURL = 'https://127.0.0.1:8000/api'
to
axios.defaults.baseURL = 'http://127.0.0.1:8000/api'
Note: Make sure it's exactly same URL and Port. You can see that in terminal where you start the laravel application (php artisan serve).
Route::post('/login-details',array('https','HomeController#login_details'));
But the same thing is working in http POST
and all GET URL also working only form POST SSL not working?
Any clue?
I followed all the instructions to get Ajax working properly with Django (ajaxSetup to add the X-CSRFToken header on every request, etc) and that part now works fine.
I'm using django-rest-framework, django-allauth and rest-auth
I'm now trying to test Facebook login with DRF, since Facebook doesn't allow for localhost to be a registered app I edited ~/etc/host and added local.test.com as an alias for 127.0.0.1. Now whenever I try to post to Django I get 403 forbidden again. I think it may have something to do with the Request URL and the Remote Address being different, but I don't really know what to do with it.
Since I'm not sure where the problem is I think it makes more sense to just share the link to the project on github: https://github.com/Sebastiansc/Sauti
What can I do to allow POST Ajax requests coming from local.test.com to work?
try with #csrf_exempt
from django.views.decorators.csrf import csrf_exempt
#csrf_exempt
def your_view(request):
print "fff"
print "do your things..."
I have problem to get state of https protocol if request through iframe which is installed on another web site:
Explanation :
We are advertisement company and always send iframe code to another publisher and they add our iframe code into their web site.
It was working fine but now we had also implemented https as some publisher required.
Now we want to get server protocol of iframe URL request, so we can change our protocol in URL.
our code in codeigniter and set path in config => constant file
use src = //address.to/the/specific/iframe
removing http: will make the url to understand itself if the request is made through http or https
Testing Fine-Uploader and get the following trying to upload images. It's on a testbox and I have rights to the folder. I am not running under IIS as most of these errors when searching google have to do with IIS. Any ideas.
I am using asp.net / c# and I am not using URL Rewriting.
The error suggests that the "/UploadImages" endpoint is not configured to accept POST requests (probably only GET requests). You'll need to update your server configuration appropriately so that POST requests are accepted.