CORS issue with Snowstorm despite updating nginx setup and application.properties
Closed this issue · 2 comments
I am facing issues with CORS while trying to access the Snowstorm REST API. Despite trying several configurations, the CORS policy still blocks my requests. I`m using SnowStorm with Docker
Steps to Reproduce
- Set up Snowstorm and configure
nginx. - Modify
application.propertiesto include: snowstorm.rest-api.cors-allowed-origins=* - Attempt to fetch data from the Snowstorm API from a web application.
Expected Behavior
The API should return the data without being blocked by the CORS policy.
Actual Behavior
The API request is blocked by CORS, and I receive the following error message in the console:
ccess to fetch at 'http://localhost:8080/MAIN/relationships?source=725655004&offset=0&limit=50' from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
index.html?email=a%40um.es:2471
GET http://localhost:8080/MAIN/relationships?source=725655004&offset=0&limit=50 net::ERR_FAILED 200 (OK)
I faced same issue recently. https://gist.github.com/Stanback/7145487#gistcomment-2309997 this workaround worked for me . This snippet adds cors support at nginx level.
https://gist.github.com/kaicode/b186e2c780f11637e00640ede900d187
This alternative Snowstorm docker setup adds Nginx which serves Snowstorm with CORS headers on port 80.
$ curl -si http://localhost/fhir/CodeSystem | grep Access
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Using this configuration:
- Snowstorm FHIR API is here: http://localhost/fhir
- Snowstorm SNOMED Native (non-standard) API is here: http://localhost/snowstorm/snomed-ct
- SNOMED Browser is here: http://localhost/browser