I am having an App developed on Laravel 5.4. I used to have my project setup on Xampp on Windows and also under vagrant Machine.
The problem is that when I switched to MacOS and Valet, I have started getting problems with routes that were sending requests via Guzzlehttp package.
They imideatelly responded with 502 Bad Gateway
nginx/1.13.10, though I could access the same endpoints on 3rd party domains directly and even though I wrapped the code with exception handler.
How can I solve that problem?
I had a problem of 502 Bad Gateway using Guzzle. I fixed it by removing User-Agent from request.
$client = new \GuzzleHttp\Client();
$res = $client->request('GET', 'https://www.example.com', [
headers' => ['User-Agent' => null]
]);
Related
I have 2 servers which are API server and Client server ....
Both server using Google Cloud server and I use Laravel framework to develop my system...
So, currently the problem is, it return 403 error when calling API (to API server) using GuzzleHttp (from Client Server).....
But after I change the user agent to curl/7.65.3, suddenly it is working fine...
But I want to know why??? Is there any other solution without changing the user-agent???
Thanks
What is your use method? If GET you can refer to:
GET Requests That Include a Body
If a viewer GET request includes a body, CloudFront returns an HTTP status code 403 (Forbidden) to the viewer.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html
Let's get on with it.
BRIEF INTRODUCTION
When making the Axios GET request to my API I am getting cors issue like this:
Access to XMLHttpRequest at 'http://localhost:8080/api/my-endpoint/' from origin 'http://localhost:8081' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
WHAT I HAVE
I have my separate VueJs app running and Laravel 7 app on Docker on port 8080. I know for a fact that my endpoints are working 100% fine. I also using Laravel cors package.
CORS PACKAGE CONFIG
paths' => ['*'],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => false,
WHAT I CAN SEE IS HAPPENING
When I take a look at response headers from my Laravel endpoint from Postman or from Chrome they both contain the following:
Access-Control-Allow-Origin: *
So by the looks of it, the header is there and it is attached and to the response.
PROBLEM
The problem here is that for some reason it is not visible at all when Axios makes a call.
Does anyone know what can be happening here? I did try different solutions from all StackOverflow pages I could find but nothing seems to be working.
I do understand that I must be missing something silly here, some piece of setup, or some config somewhere.
EDIT 1:
I am not sure if I am supposed to see this but I can't see Axios making the preflight request therefore I can't see if Access-Control-Request-Method header is being sent. I am not sure If I am supposed to see that but I can see that is what Laravel package is looking for in the middleware.
Thanks to apokryfos (see comments under my question) I came up with the answer. I wasn't easy and I am still not sure if this is a way to go.
I hope this will help other people.
So first I looked at THIS post.
THE ACTUAL PROBLEM I HAD
The real problem was not setting CORS which was done correctly from the very beginning.
The real problem was that chrome was not sending the CORS preflight request.
What is a preflight request? Good question. I will answer that soon.
THE SOLUTION I MANAGED TO FIND
Let's start with understanding what CORS PREFLIGHT REQUEST really is.
A CORS preflight request is a CORS request that checks to see if the
CORS protocol is understood and a server is aware using specific
methods and headers.
It is an OPTIONS request, using three HTTP request headers:
Access-Control-Request-Method, Access-Control-Request-Headers, and the
Origin header.
A preflight request is automatically issued by a browser and in normal
cases, front-end developers don't need to craft such requests
themselves. It appears when request is qualified as "to be
preflighted" and omited for simple requests.
So normally browser will ommit OPTIONS CORS preflight request for SIMPLE REQUESTS.
Now my current development environment (and maybe production one once I will finish my work on that system) has npm run dev running on localhost:8081 and my Laravel backend API is running on Docker on localhost:8080
This is why I am always going to need a CORS PREFLIGHT request. I am always going to need that request because at least for the development I will always have my backend and frontend app in conflict with CORS policy.
CONCLUSION
I am still not sure if it is the correct way to go about it but it kinda makes sense. At least I am not blocked anymore with my work.
Of course, CORS settings I have in my questions will be changed to more secure once I am done. I don't think it's a good idea to allow anything from anywhere!
I had got the same CORS error while working on a Vue.js project. You can resolve this by disabling the security settings of your browser (eg, CHROME) for accessing cross origin apis. This solution worked perfectly for me. This solution does not require any mock server or a proxy server to be built.
You can disable the CHROME security settings for accessing apis out of the origin by typing the below command on the mac terminal:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --user-data-dir="/tmp/chrome_dev_session" --disable-web-security
After running the above command on your terminal, a new chrome window with security settings disabled will pop up. Now, run your program (npm run serve or npm run dev) again and this time you will not get any CORS error and would be able to GET request using axios.
Hope this helps!
working with Laravel 5.7 as backend and Vue.js as frontend. so, I need send http request fron Vue to Laravel backend. so, I used Laravel CORS package to using github link as following https://github.com/barryvdh/laravel-cors but it is not sucess and (not pass data to table fron vue). and my console error is `Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:8000/api/addItem. (Reason: CORS request did not succeed).
how can fix this error?`
It is only for localhost & in production if you use https then this issue will not raise any more. However for local test you can open chrome browser in disabled security mode. Details about how to do
Access-Control-Allow-Origin (Laravel & Vue)
I have a problem when I want to create an authentication system using VueJs as the frontend (http://localhost:8080/#/login) and Laravel 5.6 as the backend. When I try to submit login form using the api login url http://127.0.0.1:8000/api/v1/login, I get the error message:
Cross-Origin Request Blocked: The Same Origin Policy disallows
reading the remote resource at http://127.0.0.1:8000/api/v1/login.
(Reason: CORS request did not succeed).
I don't know how to solve this problem.
Could anyone here help me to solve my problem?
NOTE : I have to install laravel-cors before
This is an old question, but I'll reply nonetheless.
For me this error was caused by a self-signed certificate. If you open developer tools, select the network tab, click the call that failed CORS you can see the security tab. Click it to open it. If a cert is giving you problems the text "An error occurred: SEC_ERROR_INADEQUATE_KEY_USAGE" should be visible.
To resolve this just go to the URL that gave you the CORS error, and accept the cert manually.
Cross Origin Resource Sharing is a mechanism that uses additional HTTP headers to tell a browser to allow the web application running on one origin (client) have permission to access selected resources from a server at a different origin.
Basically, your Vue app (http://localhost:8080) needs to be allowed access to your Laravel endpoint (http://127.0.0.1:8000/api/v1/login) This is to prevent me from hitting your Laravel endpoint from my malicious website and acting like an authenticated user.
Based on the docs, you need to add 'allowedOrigins' => ['*'], but that means you're opening up your backend to all requests. That's fine if it's a public API but in this context it doesn't sound like you want that. Instead, in this case it would be 'allowedOrigins' => ['localhost:8080'], so that your Vue app can consume your Laravel server.
You have to use either localhost or 127.0.0.1 for all the requests. In general in your code you should make calls to the server by just appending the URI to the current host, without re-adding the host and port in the URI string. If you load your page from a given host, for example 127.0.0.1 and then try to make an AJAX request to another host, for example www.host.com, the request gets blocked to prevent XSS attacks
It sounds like you are running this in dev mode via webpack currently? If that is correct and your workflow is that you are going to build the Vue application and have it co-reside with your Laravel backend then you just need to update config/index.js to have a proxyTable entry that forwards webpack requests to the correct dev Laravel backend server.
This would look something like this.
module.exports = {
dev: {
proxyTable: {
"/": "http://127.0.0.1:8000/api/v1/login"
}
}
}
There is additional information available on how this works; https://vuejs-templates.github.io/webpack/proxy.html
I was stuck with this error recently while I was trying to get one of our old websites hosted via Azure (App Services) up and running again.
Reason: CORS request did not succeed was the error showing in the browser console, however, it turned that for our case the URL mentioned in the CORS error doesn't exist anymore - its referring to the old https://******.azurewebsites.net service url we had (previous hosted in Azure - App Services).
So also check that the URL mentioned in the CORS-error is in fact working.
In my case the computer was not displaying the correct date and time. When I try to view the page I would get the "CORS request did not succeed." Once I updated to the correct time and date the page displayed normally.
I had to change the base URL of axios. I didn't notice it was https://, not http://
file: src\store\index.js
change the
axios.defaults.baseURL = 'https://127.0.0.1:8000/api'
to
axios.defaults.baseURL = 'http://127.0.0.1:8000/api'
Note: Make sure it's exactly same URL and Port. You can see that in terminal where you start the laravel application (php artisan serve).
My server is sending infinite mail with Laravel..
I tried testing a simple mail form, it returned a 404 and still sent a lot of e-mails. Now my server went crazy and is sending 14 e-mails per second on amazon SES.
I've tried:
restarting server
clearing the queue (no jobs are show in the database)
checking if retry has a limit, it is set to 3
went back to php5 (it was updated to 7 recently)
I'm using laravel 5.2.
My email sending logic:
\Mail::send('emails.contact', ['email_message' => $email_message, 'name' => $name], function($message) use ($to_email, $from_email, $name, $subject) {
$message->to($to_email)->from('my#server.com', $name)->replyTo($from_email, $name)->subject($subject);
});
PHP Log and Nginx logs shows no errors
Any ideas what I could do?