REST API and CORS

chrsfr · January 3, 2017, 10:29pm

Does anyone know how to enable CORS for the REST API? This is for newsletter signup.

max_morais_dmm · January 3, 2017, 11:11pm

@chrsfr, CORS is not a feature in framework level, but it’s configured in nginx enable cross-origin resource sharing

chrsfr · January 3, 2017, 11:40pm

Thought so. Does this go in $ frappe@localhost: ~/frappe-bench/config/nginx.conf ?

max_morais_dmm · January 4, 2017, 1:51am

Yes, and restart nginx after that

felix · January 4, 2017, 5:10am

If you’ve used the easy install script on Ubuntu 14.04, I believe you’ll actually want to make the change in /etc/nginx/conf.d/frappe-bench.conf.

kyabroudi · October 30, 2017, 12:31pm

Ive copied the text within the link to ~/frappe-bench/config/nginx.conf and restart nginx but got "403 Forbidden "error when navagate to my erpnext

Roshanth_Selva · July 22, 2021, 3:30pm

Hi @max_morais_dmm,

I am getting below error in firefox after login into frappe application.
"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://example.app.com:9000/socket.io/?EIO=3&transport=polling&t=NhEmynP. (Reason: CORS request did not succeed).

I have a wrapper react native app which is loading the frappe url in webview component. I believe this is due to cors issue. I am getting different error (403 forbidden) when frappe tries to load the desk in Chrome.

I have set site configuration to enable cors
Nginx configuration done as described here (Frappe CORS for nginx · GitHub)

Any help is highly appreciated.

hesongtian · September 23, 2021, 10:31am

in site_config.json , write “allow_cors”:[“http://10.0.0.29:8080”, “http://localhost:8080”]

Azhar_Umar · February 3, 2023, 4:15am

Did this, then the error became:

Access to fetch at 'https://erp.zarnik.xyz/api/resource/Item' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field mode is not allowed by Access-Control-Allow-Headers in preflight response.

Robot · April 4, 2024, 8:03am

Hi @Azhar_Umar Were you able to resolve this issue?

Azhar_Umar · May 2, 2024, 11:30am

Yes I did solve it. Since it is way back, I do not recollect what I did and what this error was related. Can you tell me your usecase, maybe I can recollect.

Robot · May 2, 2024, 11:56am

I faced a Cors error while calling from the React app. I resolved that by adding allow cors = * in the site config file.
Thank you for your reply

manal_erpnext · May 27, 2024, 6:32am

i have the same error
i add
"allow_cros":"*"
to two file

common_site_config.json
site_config.json
and run these command after the edit

bench build
bench restart
sudo supervisorctl restart all
sudo service nginx reload

@revant_one