CORS (Access-Control-Allow-Origin) error while using RASA HTTP API, RASA version == 1.1.6

Using ajax call to my local RASA server. I am using RASA version 1.1.6. RASA installed in Windows server.

Local RASA server started with command -

rasa run -p 7500 --enable-api -m models --credentials socket_credentials.yml --endpoints endpoints.yml --cors ‘*’

Also some time I am using following command to run RASA model -

rasa run -p 7500 --enable-api -m models --credentials socket_credentials.yml --endpoints endpoints.yml --cors Access-Control-Allow-Origin

Error I am getting:

Access to XMLHttpRequest at -’ from origin ‘null’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Requesting your help and guidance on the above issue.

Have you got the solution? I am facing same problem.

Could you upgrade to the latest Rasa version and try again?

Hi @vermadev54, I resolved that error by replacing the port in ajax call. I replaced the port 5055 with 5005, then it works.

This is happening because of the CORS (Cross Origin Resource Sharing) . For every HTTP request to a domain, the browser attaches any HTTP cookies associated with that domain. This is especially useful for authentication, and setting sessions. You are doing an XMLHttpRequest to a different domain than your page is on. So the browser is blocking it as it usually allows a request in the same origin for security reasons. You need to do something different when you want to do a cross-domain request.

JSONP ( JSON with Padding ) is a method commonly used to bypass the cross-domain policies in web browsers. You’re on domain , and you want to make a request to domain example.nett . To do so, you need to cross domain boundaries. JSONP is really a simple trick to overcome the XMLHttpRequest same domain policy. So, instead of using XMLHttpRequest we have to use < script > HTML tags, the ones you usually use to load JavaScript files , in order for JavaScript to get data from another domain.


If you need to enable CORS on the server in case of localhost, you need to have the following on request header.

Access-Control-Allow-Origin: http://localhost:9999