I have deployed a django app on azure and have been running it for a while. I recently added an endpoint to my app that should get a POST request from the jengahq website. However, I am able to simulate post requests from them to my endpoint and see the responses. Everytime I simulate my POST request, I get an error:
Access to fetch at https://notification-webservice.azurewebsites.net/... from origin jengahq site has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource...
However, I have enabled cors-origin for this website. It also requires a basic authentication header which I have added appropriately as shown below:
CSRF_TRUSTED_ORIGINS = (
["https://" + os.environ["WEBSITE_HOSTNAME"],
"https://secondsite",
])
CORS_ALLOWED_ORIGINS = [
"https://" + os.environ["WEBSITE_HOSTNAME"],
"https://secondsite",
]
CORS_ALLOWED_HEADERS = [
'Accept',
'Accept-Encoding',
'Authorization',
...
]
The first website in my cors allowed is where my frontend is served and I am able to run requests well. This does not work for the second website.
When I remove my frontend site from my cors allowed list, I get a similar error, but the endpoint seems different:
Access to fetch at mysite from origin myfrontend has been blocked by CORS policy...
Even with the addition v3.jengahq.io url, I still get the initial error. I have also tried to configure cors on azure, but turns out that it's not advisable once I have implemented it within app, which is more ideal. I have also tried allowing origins for CORS but it still doesn't work
cors enabled on azure portal I have also been able to test my endpoint with postman and it works well. What could I be doing wrong? Why is the first error pointing at 'notifications-webservice...' as my endpoint? cors errors from client
