• Recent
    • Tags
    • Popular
    • Register
    • Login

    Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.

    Radix IoT Website Mango 3 Documentation Website Mango 4 Documentation Website Mango 5 Documentation Website

    Not being able to configure CORS

    Development general discussion
    3
    3
    2.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jmpy
      last edited by

      Hi, i'm trying to read mango data from python using the rest api. I read all I could find in the forum, but still the cors looks like it's not working. I tried adding as many headers to "Access-Control-Allow-Headers", and send as little headers as possible from my python code. I tried with GET and POST. Please. Any help will be appreciated.

      the debugging console in python (you can see that mangoApiHeaders is loading just fine):

      send: 'GET /rest/v1/login/admin?password=admin HTTP/1.1\r\nHost: 127.0.0.1:8087\r\nAccess-Control-Allow-Origin: *\r\nX-Requested-With: XMLHttpRequest\r\nAccept-Encoding: gzip, deflate\r\n\r\n'
reply: 'HTTP/1.1 406 Not Acceptable\r\n'
DEBUG:requests.packages.urllib3.connectionpool:"GET /rest/v1/login/admin?password=admin HTTP/1.1" 406 0
header: Date: Wed, 10 Feb 2016 16:33:05 GMT
header: Access-Control-Max-Age: 3600
header: Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin, X-XSRF-TOKEN, Set-Cookie, Expires, Connection, User-Agent, Accept-Encoding, Host , LOGOUT, PASSWORD
header: Access-Control-Allow-Origin: *
header: Access-Control-Allow-Credentials: true
header: Access-Control-Allow-Methods: PUT, POST, GET, OPTIONS, DELETE
header: Set-Cookie: MANGO8087=1ekrvt78inh341m02r56n06vu8;Path=/
header: Expires: Thu, 01 Jan 1970 00:00:00 GMT
header: messages: 
header: errors: Invalid login
header: Content-Length: 0
header: Server: Jetty(9.2.12.v20150709)
send: 'POST /rest/v1/login/admin?password=admin HTTP/1.1\r\nHost: 127.0.0.1:8087\r\nX-Requested-With: XMLHttpRequest\r\nAccess-Control-Allow-Origin: *\r\nCookie: MANGO8087=1ekrvt78inh341m02r56n06vu8\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 0\r\n\r\n'
DEBUG:requests.packages.urllib3.connectionpool:"POST /rest/v1/login/admin?password=admin HTTP/1.1" 406 0
reply: 'HTTP/1.1 406 Not Acceptable\r\n'
header: Date: Wed, 10 Feb 2016 16:33:05 GMT
header: Access-Control-Max-Age: 3600
header: Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin, X-XSRF-TOKEN, Set-Cookie, Expires, Connection, User-Agent, Accept-Encoding, Host , LOGOUT, PASSWORD
header: Access-Control-Allow-Origin: *
header: Access-Control-Allow-Credentials: true
header: Access-Control-Allow-Methods: PUT, POST, GET, OPTIONS, DELETE
header: Content-Length: 0
header: Server: Jetty(9.2.12.v20150709)

      My files:
      overrides/web/override-web.xml

      <?xml version="1.0" encoding="UTF-8"?>
<!--
    Copyright (C) 2015 Infinite Automation Systems Inc. All rights reserved.
    @author Terry Packer
-->

<web-app xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    version="2.5">
 
  <!-- 
    Filter definitions.
   -->
  <filter>
    <description>Filter to allow custom headers to be added to the REST API responses</description>
    <filter-name>customHeadersFilter</filter-name>
    <filter-class>com.serotonin.m2m2.web.mvc.rest.v1.CustomHeadersFilter</filter-class>
  </filter>
  
  <filter-mapping>
   <filter-name>customHeadersFilter</filter-name>
   <url-pattern>/rest/*</url-pattern>
  </filter-mapping>
  
</web-app>

      /web/modules/mangoApi/classes/mangoApiHeaders.properties

      Access-Control-Allow-Origin=*
Access-Control-Allow-Methods=PUT, POST, GET, OPTIONS, DELETE
Access-Control-Allow-Credentials=true
Access-Control-Max-Age=3600
Access-Control-Allow-Headers=X-Requested-With,Content-Type,Accept,Origin, X-XSRF-TOKEN, Set-Cookie, Expires, Connection, User-Agent, Accept-Encoding, Host , LOGOUT, PASSWORD

      Re: REST API access custom software

      1 Reply Last reply Reply Quote 0
      • phildunlapP
        phildunlap
        last edited by phildunlap

        Hi jmpy,

        I believe the way that will have long term support is the GET with the password as a header field (probably why you get that 406). That you got a 'Set-Cookie' back would imply the login worked (Edit: I was corrected, you have an anonymous session before you have a user session, but you should still use the cookie given when login is successful). You will need to return the value of that cookie in all subsequent requests under the header X-XSRF-TOKEN=1ekrvt78inh341m02r56n06vu8

        1 Reply Last reply Reply Quote 0
        • terrypackerT
          terrypacker
          last edited by

          Make sure you set the 'Accepts' header to application/json. It's possible that Mango can't figure out what type of response you want.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post