[
https://issues.apache.org/jira/browse/AIRFLOW-4804?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16865725#comment-16865725
]
Srinivasa kalyan Sozhavaram commented on AIRFLOW-4804:
------------------------------------------------------
Based on the code from link below:
[https://github.com/apache/airflow/blob/master/airflow/www/api/experimental/endpoints.py]
The API uses Blueprint from flask. So if the CORS from flask_cors package can
be imported and then enabled only if a new configuration option in the [api]
section within the airflow.cfg is set to true then enable the CORS if not then
by default disable the CORS.
> Enable CORS (Cross-Origin Request Sharing) for the API
> ------------------------------------------------------
>
> Key: AIRFLOW-4804
> URL: https://issues.apache.org/jira/browse/AIRFLOW-4804
> Project: Apache Airflow
> Issue Type: Bug
> Components: api
> Affects Versions: 1.10.3
> Reporter: Srinivasa kalyan Sozhavaram
> Priority: Minor
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> Ability needed to call the Airflow API that are hosted in a server with SSL
> enabled. We get an error when the API is being integrated to a custom-built
> portal on HTTP:
>
> {quote} *Access to XMLHttpRequest at
> 'https://<airflow_DNS>/api/experimental/dags/<dag_id>/dag_runs' from origin
> 'http://localhost:4200' has been blocked by CORS policy: Response to
> preflight request doesn't pass access control check: No
> 'Access-Control-Allow-Origin' header is present on the requested resource.*
> {quote}
>
> Header was set with Access-Control-Allow-Origin as "***"
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
