quivr: [Bug]: CORS header 'Access-Control-Allow-Origin' missing

What happened?

If I want to go to http://somehost:3000/user I got an eternal spinner and the web console printed me this error “CORS header ‘Access-Control-Allow-Origin’ missing”. I tried it with localhost and with another computer and with firefox and chromium. Meanwhile the chat works.

Relevant log output

Access to XMLHttpRequest at 'http://192.168.20.124:5050/user' from origin,'http://192.168.20.124:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Twitter / LinkedIn details

No response

About this issue

  • Original URL
  • State: closed
  • Created 9 months ago
  • Comments: 17 (5 by maintainers)

Most upvoted comments

🤖

Hello,

The “CORS header ‘Access-Control-Allow-Origin’ missing” error you’re encountering is likely due to the origin ‘http://somehost:3000’ not being included in the list of allowed origins in the CORS middleware configuration of Quivr.

To resolve this issue, you need to add ‘http://somehost:3000’ to the list of allowed origins in your cors.py file. Here’s how you can do it:

from fastapi.middleware.cors import CORSMiddleware

origins = [
    "http://localhost",
    "http://localhost:3000",
    "http://localhost:3001",
    "https://quivr.app",
    "https://www.quivr.app",
    "http://quivr.app",
    "http://www.quivr.app",
    "http://somehost:3000",  # Add this line
    "*",
]


def add_cors_middleware(app):
    app.add_middleware(
        CORSMiddleware,
        allow_origins=origins,
        allow_credentials=True,
        allow_methods=["*"],
        allow_headers=["*"],
    )

After making this change, your application should allow requests from ‘http://somehost:3000’, and you should no longer see the CORS error.

This solution is based on the current CORS middleware configuration in the Quivr codebase, which allows requests from the following origins:

It also allows all methods and headers, and credentials are allowed as well.

Please let me know if this resolves your issue or if you need further assistance.

Best regards.

Sources

This response is meant to be useful and save you time. It is not meant to be a precise solution, but rather a starting point for your own research.

Help me be more useful! Please leave a 👍 if this is helpful and 👎 if it is irrelevant.

If you want to continue the conversation, start your reply with @dosu-bot.

+4
dosubot[bot] on Sep 28, 2023

So, it seems like backend errors in code are also triggering the CORS errors.

I can confirm this. Had backend errors with file uploads and CORS issue appeared again.

+1
zoernert on Oct 8, 2023

I got the same issue too, and I already set the web domain in cors.py.

+1
chenmnkken on Oct 1, 2023
Read more comments on GitHub
← cactbot: 'ui/jobs' completely not working on 4.0
quivr: [Bug]: I have deployed it on the cloud server, but the interface keeps throwing errors.  →