Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

XMLHttpRequest error in flutter web [Enabling CORS AWS API gateway]

Tags:

Note: It turns out that this had nothing to do with flutter and everything to do with the fact that I had set the API gateway to a Lambda Proxy

I am trying to hit an API endpoint from a Flutter web application, every time it errors out and gives me the following error.

Error getting sensor data: DioError [DioErrorType.RESPONSE]: XMLHttpRequest error.

I know there are several questions here on SO(like this and this) discussing this issue and the solution seems to be to enable CORS support on the server-side. I am using the AWS API gateway to build the API, I followed these instructions to enable CORS support from my API. Here are my CORS setting from the API gateway console.

enter image description here

The text in the "Access-Control-Allow-headers" is

'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'

Enabling CORS on the API gateway didn't seem to help, I am still getting the same error on my flutter web app when I try to hit an API.

The funny thing is, the API work perfectly fine if I hit the API from chrome (i.e. pasting the API URL on the browser and hitting enter). It only fails when I try to hit the API from the flutter web app.

Question: How do I enable CORS support in my API gateway so my flutter web app can use the API ?

like image 291
DrkStr Avatar asked Feb 12 '20 15:02

DrkStr

People also ask

What is Xmlhttprequest error in flutter?

This error is a Javascript error and it can be inspected from AndroidStudio terminal or from the browser console. If you run into this problem it means that the requests to the API server are failing due to a CORS error.

2 Answers

this worked for me, I added the below header on the lambda function

return {     statusCode: 200,      headers: {   "Access-Control-Allow-Origin": "*", // Required for CORS support to work   "Access-Control-Allow-Credentials": true, // Required for cookies, authorization headers with HTTPS   "Access-Control-Allow-Headers": "Origin,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,locale",   "Access-Control-Allow-Methods": "POST, OPTIONS" },     body: JSON.stringify(item) };
like image 110
Daniel Hernandez Avatar answered Sep 19 '22 07:09

Daniel Hernandez

My server was using nginx so I solved the problem by adding the following two lines to the server block of the sites-enabled config file for my API server:

add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Methods "GET, HEAD";

My app only uses GET and HEAD so you may need to add other methods depending on your situation.

See also: How to Enable CORS in Apache and Nginx?

like image 22
Suragch Avatar answered Sep 21 '22 07:09

Suragch
Sign in to Comment

Related questions

Project loom: what makes the performance better when using virtual threads?
Using C#/WIA version 2.0 on Vista to Scan
How do I change the locations of source files in a symbols file (pdb)
Executing dynamic SQL in a SQLServer 2005 function
Is it OK to use static variables to cache information in ASP.net?
CNG, CryptoServiceProvider and Managed implementations of HashAlgorithm
Why is the date appended twice on filenames when using Log4Net?
Is Root domain CNAME to other domain allowed by DNS RFC? [closed]
What are the implications of using unsafe code
How can I check out just the trunks of multiple projects from the same repository?
document.getElementById().value and document.getElementById().checked not working for IE
How to add a trigger to a WPF custom control without overriding the existing style?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!