Hi Rob,
You'll want to send the CORS headers with requests other than OPTIONS,
e.g. a minimal example to enable it everywhere might be :
app->hook(after_dispatch => sub {
my $c = shift;
$c->res->headers->header('Access-Control-Allow-Origin' => '*');
}
Brian
On Wednesday, April 29, John wrote:
> I have not ready your entire post so don't know if this will apply in your
> case: Mojolicious::Plugin::CORS
>
> John
>
> On 04/29/2015 06:44 AM, Rob Willett wrote:
> >Hi,
> >
> >First time poster.
> >
> >We've written an app using jquery, Cordova and were trying too work out a
> >simple REST server framework to use. Since we had a lot of code already
> >written in JavaScript and using SQLite we thought we'd try express.js and
> >the sqlite modules there. Whilst simple interactions seem to work, the
> >asynchronous nature and the complete lack of sensible support for SQL
> >transactions, we abandoned that and went back to our other option
> >Mojolicious.
> >
> >I've been reading a lot about Mojlicious and have struggled to find the
> >answer to what I think should be a simple problem. We simply want to allow
> >anybody to access the Mojlicious web app. Our app will be on our own
> >intranet and we don't want anything in the way.
> >
> >We thought this would be simple but we seem to be struggling with this and
> >after reading vast quantities of blogs, cpan sections we still cannot get
> >a simple browser running Firefox to make a simple POST request to a
> >Mojlicious server. We are embarrassed but after two days enough is enough,
> >we're asking for help.
> >
> >This is the smallest server code we could write.
> >
> >|
> >#!/usr/bin/perl -w
> >
> >use Mojolicious::Lite;
> >
> >options '*' => sub {
> > my $self = shift;
> >
> >$self->res->headers->header('Access-Control-Allow-Origin' => '*');
> >$self->res->headers->header('Access-Control-Allow-Credentials' => 'true');
> >$self->res->headers->header('Access-Control-Allow-Methods' => 'GET,
> >OPTIONS, POST, DELETE, PUT');
> >$self->res->headers->header('Access-Control-Allow-Headers' =>
> >'Content-Type');
> >$self->res->headers->header('Access-Control-Max-Age' => '1728000');
> >
> > $self->respond_to(any => { data => '', status => 200 });
> >};
> >
> >get '/data' => sub {
> > my $self = shift;
> >
> > print "GET found\n";
> > $self->render(text => 'ok');
> >};
> >
> >post '/data' => sub {
> > my $self = shift;
> >
> > print "\nPOST found\n";
> > $self->render(text => 'POST ok');
> >};
> >
> >app->secrets(['My very secret passphrase.']);
> >
> >app->start;
> >|
> >
> >The code to call it from our app is
> >
> >|
> >$http({
> > url: "http://localhost:3000/data"; ,
> > method: 'POST' ,
> > headers: { 'Content-Type': 'application/json' } ,
> > data: { payload : payload }
> >}).then(function(response) {
> > // Success
> >ConsoleLog("$http POST success");
> > } ,
> >function(response) {
> >ConsoleLog("$http POST failure");
> >});
> >|
> >
> >We know this angular code works calling express.js running on node.js we
> >we had it running, we extracted the JSON data from it and updated
> >databases.
> >
> >If we access this from curl, it works fine.
> >
> >|
> >curl --data "id=123" http://localhost:3000/data
> >|
> >
> >We get 'POST OK' returned.
> >
> >If we access this from a Firefox browser, which we use as a development
> >testing mule, we get
> >
> >|
> >Cross-Origin Request Blocked: The Same Origin Policy disallows reading the
> >remote resource at http://localhost:3000/data. This can be fixed by moving
> >the resource to the same domain or enabling CORS.
> >|
> >
> >We can see the OPTIONS method being called from the Network debugger under
> >Firefox and it returns 200 which is OK. This is followed by a POST method
> >and that looks OK as it returns 200. If we examine the headers it all
> >'looks ok' but clearly isn't. We can see that the debugging from the
> >Mojlicious server prints out "Post found" which is what we would expect.
> >
> ><https://lh3.googleusercontent.com/-M5gnpxpeQzI/VUDDNTSXHnI/AAAAAAAAAHE/hgu5HgdWP9Q/s1600/Screen%2BShot%2B2015-04-29%2Bat%2B12.16.00.png>
> >
> >We're sure this is something simple, but after a very long night and far
> >too much coffee we've no idea what the problem is.
> >
> >Any suggestions welcomed (including pack it all in and take up fishing).
> >
> >Thanks
> >
> >Rob
> >
> >
> >--
> >You received this message because you are subscribed to the Google Groups
> >"Mojolicious" group.
> >To unsubscribe from this group and stop receiving emails from it, send an
> >email to [email protected]
> ><mailto:[email protected]>.
> >To post to this group, send email to [email protected]
> ><mailto:[email protected]>.
> >Visit this group at http://groups.google.com/group/mojolicious.
> >For more options, visit https://groups.google.com/d/optout.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Mojolicious" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at http://groups.google.com/group/mojolicious.
> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
"Mojolicious" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/mojolicious.
For more options, visit https://groups.google.com/d/optout.
