Method PUT is not allowed by Access-Control-Allow-Methods in preflight response FLASK CORS












1















GETs are working right. I can't seem to make PUT work and I fear POST is not working as well.



Kept on having the error 



Access to XMLHttpRequest at '<...>' from origin 'https://localhost:3000' has been blocked by CORS policy: Method PUT is not allowed by Access-Control-Allow-Methods in preflight response.


I have a local webapp that calls on an external api which means CORS will be one of the hurdles I should tackle.



Here's my flask code.



@blueprint.route('/profiles/<oi_id>', methods=['POST'])

@cross_origin(send_wildcard=True, methods=['POST', 'OPTIONS'])

def create_checkin_profile(oi_id):

    return jsonify(cph.create_owner_profile_info(oi_id, json.loads(request.data)))





@blueprint.route('/profiles/<oi_id>', methods=['PUT'])

@cross_origin(send_wildcard=True, methods=['PUT', 'OPTIONS'])

def edit_checkin_profile(oi_id):

    return jsonify(cph.edit_owner_profile_info(oi_id, json.loads(request.data)))


It's quite confusing since I'm pretty sure I allowed PUT.
I'm using axios for this on a react app. Here's my call-api function.



axios({

      method: 'PUT',

      url: url,

      timeout: 3000,

      data: data,

      headers: {

        "Access-Control-Allow-Origin": "*",

        "Content-Type": "application/json",

        Accept: "application/json",

      },

    });





python reactjs flask axios flask-cors







share|improve this question























  • From React side, it appears to me your implementations are correct, please check how to handle cors in flask.

    – Satyaki
    Nov 26 '18 at 11:43











  • I just used Flask-Cors. @cross_origin() decorator in which it should handle the CORS requests nicely. That's why I'm confused why it doesn't work.

    – Franrey Saycon
    Nov 26 '18 at 11:54











  • I'm not a python guy. So can't confirm but this might help you : stackoverflow.com/questions/39550920/…

    – Satyaki
    Nov 26 '18 at 11:57
















1















GETs are working right. I can't seem to make PUT work and I fear POST is not working as well.



Kept on having the error 



Access to XMLHttpRequest at '<...>' from origin 'https://localhost:3000' has been blocked by CORS policy: Method PUT is not allowed by Access-Control-Allow-Methods in preflight response.


I have a local webapp that calls on an external api which means CORS will be one of the hurdles I should tackle.



Here's my flask code.



@blueprint.route('/profiles/<oi_id>', methods=['POST'])

@cross_origin(send_wildcard=True, methods=['POST', 'OPTIONS'])

def create_checkin_profile(oi_id):

    return jsonify(cph.create_owner_profile_info(oi_id, json.loads(request.data)))





@blueprint.route('/profiles/<oi_id>', methods=['PUT'])

@cross_origin(send_wildcard=True, methods=['PUT', 'OPTIONS'])

def edit_checkin_profile(oi_id):

    return jsonify(cph.edit_owner_profile_info(oi_id, json.loads(request.data)))


It's quite confusing since I'm pretty sure I allowed PUT.
I'm using axios for this on a react app. Here's my call-api function.



axios({

      method: 'PUT',

      url: url,

      timeout: 3000,

      data: data,

      headers: {

        "Access-Control-Allow-Origin": "*",

        "Content-Type": "application/json",

        Accept: "application/json",

      },

    });





python reactjs flask axios flask-cors







share|improve this question























  • From React side, it appears to me your implementations are correct, please check how to handle cors in flask.

    – Satyaki
    Nov 26 '18 at 11:43











  • I just used Flask-Cors. @cross_origin() decorator in which it should handle the CORS requests nicely. That's why I'm confused why it doesn't work.

    – Franrey Saycon
    Nov 26 '18 at 11:54











  • I'm not a python guy. So can't confirm but this might help you : stackoverflow.com/questions/39550920/…

    – Satyaki
    Nov 26 '18 at 11:57














1












1








1








GETs are working right. I can't seem to make PUT work and I fear POST is not working as well.



Kept on having the error 



Access to XMLHttpRequest at '<...>' from origin 'https://localhost:3000' has been blocked by CORS policy: Method PUT is not allowed by Access-Control-Allow-Methods in preflight response.


I have a local webapp that calls on an external api which means CORS will be one of the hurdles I should tackle.



Here's my flask code.



@blueprint.route('/profiles/<oi_id>', methods=['POST'])

@cross_origin(send_wildcard=True, methods=['POST', 'OPTIONS'])

def create_checkin_profile(oi_id):

    return jsonify(cph.create_owner_profile_info(oi_id, json.loads(request.data)))





@blueprint.route('/profiles/<oi_id>', methods=['PUT'])

@cross_origin(send_wildcard=True, methods=['PUT', 'OPTIONS'])

def edit_checkin_profile(oi_id):

    return jsonify(cph.edit_owner_profile_info(oi_id, json.loads(request.data)))


It's quite confusing since I'm pretty sure I allowed PUT.
I'm using axios for this on a react app. Here's my call-api function.



axios({

      method: 'PUT',

      url: url,

      timeout: 3000,

      data: data,

      headers: {

        "Access-Control-Allow-Origin": "*",

        "Content-Type": "application/json",

        Accept: "application/json",

      },

    });





python reactjs flask axios flask-cors







share|improve this question














GETs are working right. I can't seem to make PUT work and I fear POST is not working as well.



Kept on having the error 



Access to XMLHttpRequest at '<...>' from origin 'https://localhost:3000' has been blocked by CORS policy: Method PUT is not allowed by Access-Control-Allow-Methods in preflight response.


I have a local webapp that calls on an external api which means CORS will be one of the hurdles I should tackle.



Here's my flask code.



@blueprint.route('/profiles/<oi_id>', methods=['POST'])

@cross_origin(send_wildcard=True, methods=['POST', 'OPTIONS'])

def create_checkin_profile(oi_id):

    return jsonify(cph.create_owner_profile_info(oi_id, json.loads(request.data)))





@blueprint.route('/profiles/<oi_id>', methods=['PUT'])

@cross_origin(send_wildcard=True, methods=['PUT', 'OPTIONS'])

def edit_checkin_profile(oi_id):

    return jsonify(cph.edit_owner_profile_info(oi_id, json.loads(request.data)))


It's quite confusing since I'm pretty sure I allowed PUT.
I'm using axios for this on a react app. Here's my call-api function.



axios({

      method: 'PUT',

      url: url,

      timeout: 3000,

      data: data,

      headers: {

        "Access-Control-Allow-Origin": "*",

        "Content-Type": "application/json",

        Accept: "application/json",

      },

    });





python reactjs flask axios flask-cors




python reactjs flask axios flask-cors






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 26 '18 at 11:29









Franrey SayconFranrey Saycon

1099




1099













  • From React side, it appears to me your implementations are correct, please check how to handle cors in flask.

    – Satyaki
    Nov 26 '18 at 11:43











  • I just used Flask-Cors. @cross_origin() decorator in which it should handle the CORS requests nicely. That's why I'm confused why it doesn't work.

    – Franrey Saycon
    Nov 26 '18 at 11:54











  • I'm not a python guy. So can't confirm but this might help you : stackoverflow.com/questions/39550920/…

    – Satyaki
    Nov 26 '18 at 11:57



















  • From React side, it appears to me your implementations are correct, please check how to handle cors in flask.

    – Satyaki
    Nov 26 '18 at 11:43











  • I just used Flask-Cors. @cross_origin() decorator in which it should handle the CORS requests nicely. That's why I'm confused why it doesn't work.

    – Franrey Saycon
    Nov 26 '18 at 11:54











  • I'm not a python guy. So can't confirm but this might help you : stackoverflow.com/questions/39550920/…

    – Satyaki
    Nov 26 '18 at 11:57

















From React side, it appears to me your implementations are correct, please check how to handle cors in flask.

– Satyaki
Nov 26 '18 at 11:43





From React side, it appears to me your implementations are correct, please check how to handle cors in flask.

– Satyaki
Nov 26 '18 at 11:43













I just used Flask-Cors. @cross_origin() decorator in which it should handle the CORS requests nicely. That's why I'm confused why it doesn't work.

– Franrey Saycon
Nov 26 '18 at 11:54





I just used Flask-Cors. @cross_origin() decorator in which it should handle the CORS requests nicely. That's why I'm confused why it doesn't work.

– Franrey Saycon
Nov 26 '18 at 11:54













I'm not a python guy. So can't confirm but this might help you : stackoverflow.com/questions/39550920/…

– Satyaki
Nov 26 '18 at 11:57





I'm not a python guy. So can't confirm but this might help you : stackoverflow.com/questions/39550920/…

– Satyaki
Nov 26 '18 at 11:57












1 Answer
1






active

oldest

votes


















0














Alright I fixed this.
Apparently according to the docs I have to specify "Content-Type" on the cross origin requests. Like so:



@cross_origin(allow_headers=['Content-Type'])


Don't be fooled by the default of allow all. You need to specify this apparently.



I have to remove unnecessary headers such as Accept and Access-Control-Allow-Origin. Updating my axios like so:



axios({

    method: 'PUT',

    url: url,

    timeout: 3000,

    data: data,

    headers: {

        "Content-Type": "application/json",

    },

});


BONUS:



I ran into a problem if my api calls returned a non 200 response with preflight request, the response body becomes null. I just added these lines of code on my main application. I needed the body for the details of the error is there.



@app.after_request

def set_cors_header(response):

    response.headers['Access-Control-Allow-Origin'] = '*'

    return response





share|improve this answer
























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53480164%2fmethod-put-is-not-allowed-by-access-control-allow-methods-in-preflight-response%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Alright I fixed this.
    Apparently according to the docs I have to specify "Content-Type" on the cross origin requests. Like so:



    @cross_origin(allow_headers=['Content-Type'])


    Don't be fooled by the default of allow all. You need to specify this apparently.



    I have to remove unnecessary headers such as Accept and Access-Control-Allow-Origin. Updating my axios like so:



    axios({
    
    method: 'PUT',
    
    url: url,
    
    timeout: 3000,
    
    data: data,
    
    headers: {
    
        "Content-Type": "application/json",
    
    },
    
});


    BONUS:



    I ran into a problem if my api calls returned a non 200 response with preflight request, the response body becomes null. I just added these lines of code on my main application. I needed the body for the details of the error is there.



    @app.after_request
    
def set_cors_header(response):
    
    response.headers['Access-Control-Allow-Origin'] = '*'
    
    return response





    share|improve this answer




























      0














      Alright I fixed this.
      Apparently according to the docs I have to specify "Content-Type" on the cross origin requests. Like so:



      @cross_origin(allow_headers=['Content-Type'])


      Don't be fooled by the default of allow all. You need to specify this apparently.



      I have to remove unnecessary headers such as Accept and Access-Control-Allow-Origin. Updating my axios like so:



      axios({
      
    method: 'PUT',
      
    url: url,
      
    timeout: 3000,
      
    data: data,
      
    headers: {
      
        "Content-Type": "application/json",
      
    },
      
});


      BONUS:



      I ran into a problem if my api calls returned a non 200 response with preflight request, the response body becomes null. I just added these lines of code on my main application. I needed the body for the details of the error is there.



      @app.after_request
      
def set_cors_header(response):
      
    response.headers['Access-Control-Allow-Origin'] = '*'
      
    return response





      share|improve this answer


























        0












        0








        0







        Alright I fixed this.
        Apparently according to the docs I have to specify "Content-Type" on the cross origin requests. Like so:



        @cross_origin(allow_headers=['Content-Type'])


        Don't be fooled by the default of allow all. You need to specify this apparently.



        I have to remove unnecessary headers such as Accept and Access-Control-Allow-Origin. Updating my axios like so:



        axios({
        
    method: 'PUT',
        
    url: url,
        
    timeout: 3000,
        
    data: data,
        
    headers: {
        
        "Content-Type": "application/json",
        
    },
        
});


        BONUS:



        I ran into a problem if my api calls returned a non 200 response with preflight request, the response body becomes null. I just added these lines of code on my main application. I needed the body for the details of the error is there.



        @app.after_request
        
def set_cors_header(response):
        
    response.headers['Access-Control-Allow-Origin'] = '*'
        
    return response





        share|improve this answer













        Alright I fixed this.
        Apparently according to the docs I have to specify "Content-Type" on the cross origin requests. Like so:



        @cross_origin(allow_headers=['Content-Type'])


        Don't be fooled by the default of allow all. You need to specify this apparently.



        I have to remove unnecessary headers such as Accept and Access-Control-Allow-Origin. Updating my axios like so:



        axios({
        
    method: 'PUT',
        
    url: url,
        
    timeout: 3000,
        
    data: data,
        
    headers: {
        
        "Content-Type": "application/json",
        
    },
        
});


        BONUS:



        I ran into a problem if my api calls returned a non 200 response with preflight request, the response body becomes null. I just added these lines of code on my main application. I needed the body for the details of the error is there.



        @app.after_request
        
def set_cors_header(response):
        
    response.headers['Access-Control-Allow-Origin'] = '*'
        
    return response






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 27 '18 at 6:36









        Franrey SayconFranrey Saycon

        1099




        1099
































            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53480164%2fmethod-put-is-not-allowed-by-access-control-allow-methods-in-preflight-response%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Costa Masnaga

            Image
            .mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m
            Read more

            Fotorealismo

            Image
            Guerrino Boatto, Venice's St. Barnaba Church and canal Il fotorealismo è un genere di pittura basato sull'uso di una o più fotografie dalle quali l'artista prende le informazioni necessarie da utilizzare poi nel processo della creazione dell'opera, in genere ad olio o ad acrilico, al fine di avere un aspetto finale il più simile possibile alla fotografia. Indice 1 Storia 2 Lista dei fotorealisti 3 Note 4 Voci correlate 5 Altri progetti Storia | Il fotorealismo è un movimento che nasce negli Stati Uniti d'America alla fine degli anni sessanta [1] sulla scia della Pop Art [2] [3] [4] , e insieme condividono il carattere reazionario verso la travolgente ascesa dei media, che alla metà del ventesimo secolo si trasforma in un fenomeno di massa talmente imponente da minacciare il valore dell'immagine nell'arte. [5] [6] Ne consegue così che, colto il gesto d'inizio che fu della Pop Art, i fotorealisti aprono ad un
            Read more

            Create new schema in PostgreSQL using DBeaver

            Image
            0 At the beginning of my current job I had limited access to DB but recently my role is changed to superuser, admin, and owner. My colleague who was the previous DB admin is able to create a schema or change the permissions as there is a permission tab in the properties and he can change permissions by clicking easily. Would you please let me know how I can create schema and change permissions as well? Why his dbeaver looks different from me? He can easily right click on the schema folder on top of all schemas on the left side column and select create new schema while I do not have that, like the following picture I found on the internet. postgresql database-schema dbeaver share | improve this question
            Read more