I tried updating my edx-platform/lms/envs/private.py file with CORS whitelist but not such luck. I also noticed that the Dates tab makes LMS API endpoint calls but that this frontend-app-learning wasn’t added to the CORS_ORIGIN_WHITELIST for edx-platform/lms/envs/devstack.py file.
############# CORS headers for cross-domain requests #################
ALLOWED_HOSTS = [
'*',
]
CORS_ORIGIN_WHITELIST = (
'http://localhost',
'http://48dc79f998c7',
'http://localhost:2000',
'http://edx.devstack.frontend-app-learning',
)
Sometimes I get CORS errors in the browser when the underlying cause is really an error on the request that’s being made – say the request threw an authentication error, but the 403 response doesn’t contain the usual CORS headers, so the browser shouts CORS.
You’ve checked that the page renders fine on its own, which is cool. But have you checked your nginx/lms logs to make sure the request isn’t erroring out in this situation due to something else, like JWT authentication, or Bad Request method, or something like that?
The REST URL had an extra /$ at the end of the Django URL path. When I removed that the CORS error and that HTTP 301 Redirect went away. Now I’m seeing HTTP 200.
I created a sample heartbeat endpoint like so by removing the extra /$ at the end of the URL path.
# edx-platform/lms/djangoapps/badges/api/views.py
from rest_framework.generics import RetrieveAPIView
class HeartbeatTabView(RetrieveAPIView):
"""
**Use Cases**
Returns heartbeat status of Badges API
**Example Requests**
GET /api/badges/v1/heartbeat/
**Response Values**
Body comprised of a list of objects with the following fields:
* status: Value to indicate that a successful response is okay for the badges api.
"""
def get(self, request, *args, **kwargs):
"""
"""
return Response({
'status': 'ok'
})
Now I’m see this for the LMS logs when called from the frontend-app-learning microfrontend.