Does anyone know how to enable CORS for the REST API? This is for newsletter signup.

@chrsfr, CORS is not a feature in framework level, but it’s configured in nginx enable cross-origin resource sharing

Thought so. Does this go in $ frappe@localhost: ~/frappe-bench/config/nginx.conf ?

Yes, and restart nginx after that

If you’ve used the easy install script on Ubuntu 14.04, I believe you’ll actually want to make the change in /etc/nginx/conf.d/frappe-bench.conf.

Ive copied the text within the link to ~/frappe-bench/config/nginx.conf and restart nginx but got "403 Forbidden "error when navagate to my erpnext

Hi @max_morais_dmm,

I am getting below error in firefox after login into frappe application.
"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS request did not succeed).

I have a wrapper react native app which is loading the frappe url in webview component. I believe this is due to cors issue. I am getting different error (403 forbidden) when frappe tries to load the desk in Chrome.

Any help is highly appreciated.

in site_config.json , write “allow_cors”:[“”, “http://localhost:8080”]


Did this, then the error became:

Access to fetch at '' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field mode is not allowed by Access-Control-Allow-Headers in preflight response.

Hi @Azhar_Umar Were you able to resolve this issue?

Yes I did solve it. Since it is way back, I do not recollect what I did and what this error was related. Can you tell me your usecase, maybe I can recollect.

I faced a Cors error while calling from the React app. I resolved that by adding allow cors = * in the site config file.
Thank you for your reply

i have the same error
i add
to two file

  1. common_site_config.json
  2. site_config.json
    and run these command after the edit
bench build
bench restart
sudo supervisorctl restart all
sudo service nginx reload