1

I am working on my thesis about news recommendations and have been working on getting my web application running on AWS. My angular front-end runs on S3 with static hosting, my NodeJS back-end runs on Elastic Beanstalk along with my Flask API. The issue that I'm running into is that when I make a request from Node to Flask or even itself, I get a CROS Missing Allow Origin. I have therefore attempted to add these CORS headers, starting with access-control-allow-origin: * with GET, PUT, PATCH, PUT, DELETE, OPTIONS as methods. I have done this for both NodeJS as well as Flask, but the error remains unchanged. The site itself is available through mlbias.com with NodeJS being on the node.mlbias.com subdomain and Flask being on flask.mlbias.com (feel free to 'login' with any non-sensical username). Accessing the URLs directly does work, for example with node.mlbias.com/api/articles/headlines/ and flask.mlbias.com/test/ and it also works fine on localhost.

These images show a request that is made when opening an article, to add it to the user history. These images are from the same request.

enter image description here

enter image description here

NodeJS uses

app.use(express.json())

app.use((req, res, next) => {
  res.setHeader(
    "Access-Control-Allow-Origin",
    "*"
  );
  res.setHeader(
    "Access-Control-Allow-Headers",
    "Origin, X-Requested-With, Content-Type, Accept"
  );
  res.setHeader(
    "Access-Control-Allow-Methods",
    "GET, POST, PATCH, PUT, DELETE, OPTIONS"
  );

  next();
});

and Flask uses

import nltk
import numpy as np
from flask import Flask, request
from flask_restful import Api, Resource
from flask_cors import CORS, cross_origin
from nltk.sentiment import SentimentIntensityAnalyzer
from nltk.tokenize import word_tokenize
from sentence_transformers import SentenceTransformer

application = Flask(__name__)
CORS(application)
api = Api(application)

I would like to understand what exactly is causing this and how I could fix it. Thank you for your help

René Steeman
  • 347
  • 4
  • 16
  • 1
    I did a similar use case. A react front end and wrote a Spring BOOT REST API on Elastic Beanstalk. To handle CORS issues within the Spring BOOT Rest API, I used @CrossOrigin(origins = "*"). Is there a similar annotation or way of setting this in the code for NodeJS (I have not tried writing a REST API backend with Node - only Spring Boot) – smac2020 Apr 20 '22 at 13:23
  • @smac2020 After searching for alternatives to my app.use((...) => res.setHeader approach, I did find app.use(cors()), with cors being a package, but this did not resolve the issue. – René Steeman Apr 20 '22 at 13:26
  • 1
    A quick search pulled up -- https://stackabuse.com/handling-cors-with-node-js/. So this did not work for you on Elastic Beanstalk? – smac2020 Apr 20 '22 at 13:28
  • @smac2020 That is indeed one of the things that I tried but that for some reason doesn't work. – René Steeman Apr 20 '22 at 13:32
  • See this here - it may help. https://stackoverflow.com/questions/53371763/cors-on-aws-elastic-beanstalk – smac2020 Apr 20 '22 at 13:33
  • @smac2020 I have also tried that, but it didn't effect it. – René Steeman Apr 20 '22 at 13:36
  • Look at comments here - someone solve a similar issue - https://stackoverflow.com/questions/43533280/elastic-beanstalk-cors-configuration-for-post-request – smac2020 Apr 20 '22 at 13:47
  • @smac2020 I have gone over the comments, but did not find a solution for my situation, also note that I am not using tomcat. – René Steeman Apr 20 '22 at 14:18
  • Its not clear to me why a Spring BOOT Rest API with the CORS annotation works on EB well a similar REST API written in NODE JS does not work. I will keep looking into this. – smac2020 Apr 20 '22 at 14:22

1 Answers1

4

After further debugging, it became clear that it was not actually a CORS error, but instead a server timeout. This was caused by an error that occurred when connecting to the database and was not picked up by the debugging code as part of the connection details that were supposed to be printed were in fact not properly configured on the server causing both the DB connection to fail as well as the debugging code that was supposed to log such a problem. Luckily it only took a week and a half to locate the problem :(

René Steeman
  • 347
  • 4
  • 16
  • 1
    You are a godsend! Thank you! Our Mongo instance had died all together and I went looking for that in logs after I saw your answer, and sure enough, it was the cause. – elarcoiris Jun 30 '22 at 02:24
  • Thanks this was useful - in our case a DB patch had failed during the API deploy, which was causing a bad gateway error from nginx on Elastic Beanstalk, and the same misleading CORS errors in the browser. – jlmt Oct 10 '22 at 17:22