cvat: Remote access to CVAT, unable to connect remotely via LAN or internet domain (via :port or :port). Blocked by CORS policy: No 'Access-Control-Allow-Origin, Network Error and net::ERR CONNECTION REFUSED errors.
I deployed CVAT on an AWS instance and I struggled to access it remotely.
The errors I encountered along the way were:
Could not check authorization on the server. Error: Network Error.
blocked by CORS policy: No ‘Access-Control-Allow-Origin’
net::ERR_CONNECTION_REFUSED
Nevertheless, finally I managed to get it working. Following I report the solutions to this errors so it can help others and to prepare a PR to contribute.
Gathering of related issues:
-
Issue 165: How can I connect from other computers which are NOT on the LAN? #165
-
Issue 102:Connection from another computer gives Bad Request(400) #102
-
Issue 128: Access CVAT remotely via <HOST_IP>:port or <FQDN>:port? #128
Solution:
The following changes did the trick for me:
- Add following line to react_nginx.conf:
add_header Access-Control-Allow-Origin "*";
A react_nginx.conf example would be:
server {
root /usr/share/nginx/html;
# Any route that doesn't have a file extension (e.g. /devices)
location / {
try_files $uri $uri/ /index.html;
add_header Access-Control-Allow-Origin "*";
}
}
- To docker-compose.override.yml, add:
ALLOWED_HOSTS: '*'
UI_HOST: mysite.com
REACT_APP_API_HOST: mysite.com
A docker-compose.override.yml example would be:
version: "2.3"
services:
cvat:
environment:
ALLOWED_HOSTS: '*'
UI_HOST: mysite.com
ports:
- "80:8080"
cvat_ui:
build:
args:
REACT_APP_API_HOST: mysite.com
REACT_APP_API_PORT: 8080
Don’t forget to run the docker build again, using -f to include the file docker-compose.override.yml file. An example of this would be:
$ docker-compose -f docker-compose.yml -f docker-compose.override.yml build
$ docker-compose -f docker-compose.yml -f docker-compose.override.yml up -d
- To the
cvat/settings/base.pyfile. In lines 188 to 200, add a version of the UI_URL without the port number toCORS_ORIGIN_WHITELIST. I believe the reason for this is that sometimes if the port number is :80 and the URL is not in the LAN (<HOST-IP>:port), but instead it is a Fully Qualified Domain Name (<FQDN>:port), the port 80 is redundant (mydomain.com:80) and the errors arise.
My modified base.py is:
# Cross-Origin Resource Sharing settings for CVAT UI
UI_SCHEME = os.environ.get('UI_SCHEME', 'http')
UI_HOST = os.environ.get('UI_HOST', 'localhost')
UI_PORT = os.environ.get('UI_PORT', '3000')
CORS_ALLOW_CREDENTIALS = True
CSRF_TRUSTED_ORIGINS = [UI_HOST]
UI_URL = '{}://{}'.format(UI_SCHEME, UI_HOST)
# UI_WITHOUT_PORT must be added to CORS_ORIGIN_WHITELIST
UI_WITHOUT_PORT = UI_URL
if len(UI_URL):
UI_URL += ':{}'.format(UI_PORT)
CORS_ORIGIN_WHITELIST = [UI_URL, UI_WITHOUT_PORT]
CORS_REPLACE_HTTPS_REFERER = True
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Reactions: 3
- Comments: 24 (8 by maintainers)
Commits related to this issue
- Update base.py Modification necessary for using CVAT from remote machines when accessing with FQDNs See https://github.com/opencv/cvat/issues/1011#issue-542817055 This might just be a hacky worka... — committed to LukeAI/cvat by LukeAI 4 years ago
- Update base.py Modification necessary for using CVAT from remote machines when accessing with FQDNs See https://github.com/opencv/cvat/issues/1011#issue-542817055 and https://github.com/opencv/cvat... — committed to LukeAI/cvat by LukeAI 4 years ago
- Update base.py (#1099) Modification necessary for using CVAT from remote machines when accessing with FQDNs See https://github.com/opencv/cvat/issues/1011#issue-542817055 and https://github.com/ope... — committed to cvat-ai/cvat by LukeAI 4 years ago
- Release 0.6.0 (#1238) * Release 0.5 (#705) * Changed version number (0, 5, 'final', 0). * Updated changelog file. * fixed default attribute values for tracked shapes (#703) * typo ? Should... — committed to cvat-ai/cvat by nmanovic 4 years ago
- Az/update data streaming (#1308) * Changed version number (0, 5, 'final', 0). * Updated changelog file. * fixed default attribute values for tracked shapes (#703) * Updated CHANGELOG with in... — committed to cvat-ai/cvat by azhavoro 4 years ago
- Update base.py (#1099) Modification necessary for using CVAT from remote machines when accessing with FQDNs See https://github.com/opencv/cvat/issues/1011#issue-542817055 and https://github.com/ope... — committed to cleemesser/cvat by LukeAI 4 years ago
- Az/update data streaming (#1324) * Changed version number (0, 5, 'final', 0). * Updated changelog file. * fixed default attribute values for tracked shapes (#703) * Updated CHANGELOG with in... — committed to cvat-ai/cvat by azhavoro 4 years ago
- Az/data streaming resolve conflicts (#1325) * Changed version number (0, 5, 'final', 0). * Updated changelog file. * fixed default attribute values for tracked shapes (#703) * Updated CHANGE... — committed to cvat-ai/cvat by azhavoro 4 years ago
- Az/data streaming resolve conflicts (#1326) * Changed version number (0, 5, 'final', 0). * Updated changelog file. * fixed default attribute values for tracked shapes (#703) * Updated CHANGE... — committed to cvat-ai/cvat by azhavoro 4 years ago
@yxftju , @LukeAI , now it became more difficult just because we use different ports for UI and server. The question was answered many times in Gitter. If you still cannot access your instance remotely please create an issue and submit your config files. Otherwise it is impossible to investigate.
In the nearest future we will simplify configuration of CVAT.
Is using CVAT on remote machines/servers not a very common use-case? Might it be possible to patch CVAT to be able to do this without having to make so many complicated config changes? Or at least Add these instructions to the Wiki? (I’d be happy to do the latter if it would be welcome?)
I have seen many labelling tools and it seems to be nerds that make them incapable of making anything sensible. Why even have an open source tool when no one can install them I have now spent days on this tool, days on dataturks and most other tools seems to be made for coders. If you cannot make simple tools stay away from it and keep coding in your corners. It is not supposed to be rocket science and we should for sure not change servers, PCs and everything because you cannot make simple configuration. This pisses me off completely and it is not even worth using any open source if you have the attitude of “we have answerred this question so many times” Well guys, there is reason why people ask. Because you obviously cannot make it understandable for most people. So either ditch the CVAT or make it work for normal people and not coders.
I do not know if this is because of the millenial attitude or if it is because I did hard hacking when I was younger (that is now 30 years ago) where you had to make sure things worked into the bare bones of the processor. But the annotation tool area is a complete mess. Why even use react. Rubbish and crap that only generates errors. MAde for the ones that wear the baseball cap backwards… Or is it because it is cool… Well…
If anyone is interested, I found a way to access CVAT from any hostname. It is very useful for me because I can now access it with the machine IP, as localhost or even as a tunnel using ngrok.
I’ve modified the traefik rules on the official docker-compose.yml file. You can find the file here.
@MimirRnD , to make the life a little bit easy we created https://cvat.org/. You can use it. You don’t need to install anything. Just register and upload your data.
Installation procedures were changed many times. You wrote a lot of words but nothing exactly about your problem. Be polite. The tool is free and helps a lot of people. My team spends a lot of time to delivery new features and make the product better. The best way to make the world better just help.