Skip to content
This repository has been archived by the owner on Dec 26, 2020. It is now read-only.

CORS issue #22

Open
itaditya opened this issue Oct 18, 2017 · 10 comments
Open

CORS issue #22

itaditya opened this issue Oct 18, 2017 · 10 comments

Comments

@itaditya
Copy link

Hi I'm unable to make an AJAX request to glot.io. I keep getting this error.

Failed to load https://run.glot.io/languages/python/latest: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 405.
@alokshakya
Copy link

Hi I am not able to call https://run.glot.io/languages/python/latest in Angular 5 application it gives following error.

Failed to load https://run.glot.io/languages/python/latest: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access. The response had HTTP status code 405.
screenshot 226

@prasmussen
Copy link
Owner

Yeah, CORS is not supported at this time. I'm currently working on a new version of the api where I will consider allowing it. It will take at least a couple of months before the new api is ready though.

@sbstnssndn
Copy link

So we can't run code in glot from localhost? Is there a workaround for that?

@itaditya
Copy link
Author

Create a backend server. From your frontend send a request to the server and from the server make a request to glot. For a working implementation check out https://github.com/itaditya/Code-Runner

@sbstnssndn
Copy link

Aaah I see, thanks. Sorry, why does this work? I thought if a request didn't work from the front, it wouldn't work from the back either.

@itaditya
Copy link
Author

A request sent from browser i.e. Ajax is different from what is sent by the server. Since the request on the client side can be tampered by bad actors, it is less secure that is why cors exist to prevent sending requests from client side. Many Payment gateways also accept request from server only

@sanjayme97
Copy link

is this fixed @prasmussen

@chumaumenze
Copy link

@sanjayme97 This might help you. https://github.com/Rob--W/cors-anywhere

@ten0s
Copy link

ten0s commented May 11, 2020

@prasmussen, I see some unused code for CORS
https://github.com/prasmussen/glot-run/blob/master/apps/glot/src/http/http_util.erl#L72-L83

Would you accept a PR?

@prasmussen
Copy link
Owner

@prasmussen, I see some unused code for CORS
https://github.com/prasmussen/glot-run/blob/master/apps/glot/src/http/http_util.erl#L72-L83

Would you accept a PR?

Sorry, but I won't do any changes to the current version in regards to CORS

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@prasmussen @ten0s @sbstnssndn @itaditya @chumaumenze @alokshakya @sanjayme97