Digital ocean spaces upload:Response to preflight request doesn't pass access control check fix [duplicate]
This question already has an answer here:
How to allow CORS?
24 answers
How does Access-Control-Allow-Origin header work?
13 answers
Using pre-signed URL method to upload a file from the browser(javascript) to spaces account. It has been blocked
Access to XMLHttpRequest at 'https://my/signed/url' from origin 'http://192.168.1.233:8000' has been blocked by CORS policy: Response to the preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
XMLHttpRequest
var blob = new Blob([e.target.files[0]], type: e.target.files[0].type);
var xhr = new XMLHttpRequest();
xhr.open('PUT', data.upload_url);
xhr.send(blob);
console.log(xhr.status)
Updated CORS Configurations(Host, Max Age and Allowed methods) in Spaces settings, but still the CORS header issue raises. What I'm actually missing here. The same works in python requests,
Python requests:
with open(archive_file, 'rb') as data:
response = requests.put(signed_uri, data=data)
Sending as file index from $.ajax() is even failing. Can anyone suggest me how can I upload from javascript without using nodejs or react
amazon-s3 cors xmlhttprequest digital-ocean
asked Nov 15 '18 at 8:16
Krish VKrish V
10711
marked as duplicate by sideshowbarker cors
Users with the cors badge can single-handedly close cors questions as duplicates and reopen them as needed.
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Nov 15 '18 at 8:47
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |
This question already has an answer here:
How to allow CORS?
24 answers
How does Access-Control-Allow-Origin header work?
13 answers
Using pre-signed URL method to upload a file from the browser(javascript) to spaces account. It has been blocked
Access to XMLHttpRequest at 'https://my/signed/url' from origin 'http://192.168.1.233:8000' has been blocked by CORS policy: Response to the preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
XMLHttpRequest
var blob = new Blob([e.target.files[0]], type: e.target.files[0].type);
var xhr = new XMLHttpRequest();
xhr.open('PUT', data.upload_url);
xhr.send(blob);
console.log(xhr.status)
Updated CORS Configurations(Host, Max Age and Allowed methods) in Spaces settings, but still the CORS header issue raises. What I'm actually missing here. The same works in python requests,
Python requests:
with open(archive_file, 'rb') as data:
response = requests.put(signed_uri, data=data)
Sending as file index from $.ajax() is even failing. Can anyone suggest me how can I upload from javascript without using nodejs or react
amazon-s3 cors xmlhttprequest digital-ocean
asked Nov 15 '18 at 8:16
Krish VKrish V
10711
marked as duplicate by sideshowbarker cors
Users with the cors badge can single-handedly close cors questions as duplicates and reopen them as needed.
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Nov 15 '18 at 8:47
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
Turn on CORS on your server configuration (the problem is not on js/browser side)
– Kamil Kiełczewski
Nov 15 '18 at 8:24
@KamilKiełczewski Oh no, file uploads to be sent to digital ocean spaces(like aws-s3). No server involved here
– Krish V
Nov 15 '18 at 8:29
befeore you send file to s3 first your browser need send that file to your serwer - and on that serwer you need to turn on CORS. If you upload file directly from browser to s3 then this is NOT SECURE (because you need to use s3 credentials in browser code - so you expose it to grab by some hacker and use your s3 account)
– Kamil Kiełczewski
Nov 15 '18 at 8:31
I'm usingpre_signd_uri conceptgenerated bydjango-serverby which we can directly upload with the URI to the spaces in javascript, thereby keys won't be exposed, POSTMAN uploads byPUTrequest. Browser blocks.
– Krish V
Nov 15 '18 at 8:38
add a comment |
This question already has an answer here:
How to allow CORS?
24 answers
How does Access-Control-Allow-Origin header work?
13 answers
Using pre-signed URL method to upload a file from the browser(javascript) to spaces account. It has been blocked
Access to XMLHttpRequest at 'https://my/signed/url' from origin 'http://192.168.1.233:8000' has been blocked by CORS policy: Response to the preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
XMLHttpRequest
var blob = new Blob([e.target.files[0]], type: e.target.files[0].type);
var xhr = new XMLHttpRequest();
xhr.open('PUT', data.upload_url);
xhr.send(blob);
console.log(xhr.status)
Updated CORS Configurations(Host, Max Age and Allowed methods) in Spaces settings, but still the CORS header issue raises. What I'm actually missing here. The same works in python requests,
Python requests:
with open(archive_file, 'rb') as data:
response = requests.put(signed_uri, data=data)
Sending as file index from $.ajax() is even failing. Can anyone suggest me how can I upload from javascript without using nodejs or react
amazon-s3 cors xmlhttprequest digital-ocean
asked Nov 15 '18 at 8:16
Krish VKrish V
10711
This question already has an answer here:
How to allow CORS?
24 answers
How does Access-Control-Allow-Origin header work?
13 answers
Using pre-signed URL method to upload a file from the browser(javascript) to spaces account. It has been blocked
Access to XMLHttpRequest at 'https://my/signed/url' from origin 'http://192.168.1.233:8000' has been blocked by CORS policy: Response to the preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
XMLHttpRequest
var blob = new Blob([e.target.files[0]], type: e.target.files[0].type);
var xhr = new XMLHttpRequest();
xhr.open('PUT', data.upload_url);
xhr.send(blob);
console.log(xhr.status)
Updated CORS Configurations(Host, Max Age and Allowed methods) in Spaces settings, but still the CORS header issue raises. What I'm actually missing here. The same works in python requests,
Python requests:
with open(archive_file, 'rb') as data:
response = requests.put(signed_uri, data=data)
Sending as file index from $.ajax() is even failing. Can anyone suggest me how can I upload from javascript without using nodejs or react
This question already has an answer here:
How to allow CORS?
24 answers
How does Access-Control-Allow-Origin header work?
13 answers
amazon-s3 cors xmlhttprequest digital-ocean
amazon-s3 cors xmlhttprequest digital-ocean
asked Nov 15 '18 at 8:16
Krish VKrish V
10711
asked Nov 15 '18 at 8:16
Krish VKrish V
10711
asked Nov 15 '18 at 8:16
Krish VKrish V
10711
asked Nov 15 '18 at 8:16
Krish VKrish V
10711
asked Nov 15 '18 at 8:16
Krish VKrish V
10711
10711
marked as duplicate by sideshowbarker cors
Users with the cors badge can single-handedly close cors questions as duplicates and reopen them as needed.
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Nov 15 '18 at 8:47
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by sideshowbarker cors
Users with the cors badge can single-handedly close cors questions as duplicates and reopen them as needed.
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Nov 15 '18 at 8:47
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
Turn on CORS on your server configuration (the problem is not on js/browser side)
– Kamil Kiełczewski
Nov 15 '18 at 8:24
@KamilKiełczewski Oh no, file uploads to be sent to digital ocean spaces(like aws-s3). No server involved here
– Krish V
Nov 15 '18 at 8:29
befeore you send file to s3 first your browser need send that file to your serwer - and on that serwer you need to turn on CORS. If you upload file directly from browser to s3 then this is NOT SECURE (because you need to use s3 credentials in browser code - so you expose it to grab by some hacker and use your s3 account)
– Kamil Kiełczewski
Nov 15 '18 at 8:31
I'm usingpre_signd_uri conceptgenerated bydjango-serverby which we can directly upload with the URI to the spaces in javascript, thereby keys won't be exposed, POSTMAN uploads byPUTrequest. Browser blocks.
– Krish V
Nov 15 '18 at 8:38
add a comment |
Turn on CORS on your server configuration (the problem is not on js/browser side)
– Kamil Kiełczewski
Nov 15 '18 at 8:24
@KamilKiełczewski Oh no, file uploads to be sent to digital ocean spaces(like aws-s3). No server involved here
– Krish V
Nov 15 '18 at 8:29
befeore you send file to s3 first your browser need send that file to your serwer - and on that serwer you need to turn on CORS. If you upload file directly from browser to s3 then this is NOT SECURE (because you need to use s3 credentials in browser code - so you expose it to grab by some hacker and use your s3 account)
– Kamil Kiełczewski
Nov 15 '18 at 8:31
I'm usingpre_signd_uri conceptgenerated bydjango-serverby which we can directly upload with the URI to the spaces in javascript, thereby keys won't be exposed, POSTMAN uploads byPUTrequest. Browser blocks.
– Krish V
Nov 15 '18 at 8:38
Turn on CORS on your server configuration (the problem is not on js/browser side)
– Kamil Kiełczewski
Nov 15 '18 at 8:24
Turn on CORS on your server configuration (the problem is not on js/browser side)
– Kamil Kiełczewski
Nov 15 '18 at 8:24
@KamilKiełczewski Oh no, file uploads to be sent to digital ocean spaces(like aws-s3). No server involved here
– Krish V
Nov 15 '18 at 8:29
@KamilKiełczewski Oh no, file uploads to be sent to digital ocean spaces(like aws-s3). No server involved here
– Krish V
Nov 15 '18 at 8:29
befeore you send file to s3 first your browser need send that file to your serwer - and on that serwer you need to turn on CORS. If you upload file directly from browser to s3 then this is NOT SECURE (because you need to use s3 credentials in browser code - so you expose it to grab by some hacker and use your s3 account)
– Kamil Kiełczewski
Nov 15 '18 at 8:31
befeore you send file to s3 first your browser need send that file to your serwer - and on that serwer you need to turn on CORS. If you upload file directly from browser to s3 then this is NOT SECURE (because you need to use s3 credentials in browser code - so you expose it to grab by some hacker and use your s3 account)
– Kamil Kiełczewski
Nov 15 '18 at 8:31
I'm using
pre_signd_uri concept generated by django-server by which we can directly upload with the URI to the spaces in javascript, thereby keys won't be exposed, POSTMAN uploads by PUT request. Browser blocks.– Krish V
Nov 15 '18 at 8:38
I'm using
pre_signd_uri concept generated by django-server by which we can directly upload with the URI to the spaces in javascript, thereby keys won't be exposed, POSTMAN uploads by PUT request. Browser blocks.– Krish V
Nov 15 '18 at 8:38
add a comment |
0
active
oldest
votes
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Turn on CORS on your server configuration (the problem is not on js/browser side)
– Kamil Kiełczewski
Nov 15 '18 at 8:24
@KamilKiełczewski Oh no, file uploads to be sent to digital ocean spaces(like aws-s3). No server involved here
– Krish V
Nov 15 '18 at 8:29
befeore you send file to s3 first your browser need send that file to your serwer - and on that serwer you need to turn on CORS. If you upload file directly from browser to s3 then this is NOT SECURE (because you need to use s3 credentials in browser code - so you expose it to grab by some hacker and use your s3 account)
– Kamil Kiełczewski
Nov 15 '18 at 8:31
I'm using
pre_signd_uri conceptgenerated bydjango-serverby which we can directly upload with the URI to the spaces in javascript, thereby keys won't be exposed, POSTMAN uploads byPUTrequest. Browser blocks.– Krish V
Nov 15 '18 at 8:38