Hi… I am building a chatbot using rasa. I have to deploy my bot on a linux server. So I am using nginx and running rasa at the backend…
my rasa version is : Rasa 1.7.1
nginx version: 1.16.1
I am running rasa with the following commands:
rasa run actions
python -m rasa run --m ./models --endpoints endpoints.yml --port 5005 -vv --enable-api --cors "*"
when i hit my ip… I can use rasa perfectly… but everyone other in my lan gets the following error
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://192.168.20.62:5005/webhooks/rest/webhook. (Reason: CORS request did not succeed).
this is my endpoint file:
i have tried all the solutions given in the forum but i am stuck here for days
can anyone help me with this please?
Hey @AnikaTabassum, I see that you’re already using the
--cors argument. The problem still appears to be related to CORS, however. Is there a chance it might be an Nginx configuration problem? Two things I would try are:
- Removing Nginx and having other people access port 5005 directly to see if it works
- Configuring Nginx in a way that enables it to handle CORS preflight requests (maybe enable cross-origin resource sharing will help, but I haven’t tried it personally)
Thanks! I found out that my 5005 port was blocked! I enabled the port by giving these commands in the terminal:
sudo /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 5005 -j ACCEPT
The Same Origin Policy (SOP) is a security measure standardized among browsers. It is needed to prevent Cross-Site Request Forgery (CSRF). The “Origin” mostly refers to a “Domain”. Same Origin Policy prevents different origins (domains) from interacting with each other, to prevent attacks such as CSRF (Cross Site Request Forgery) through such requests, like AJAX. In other words, the browser would not allow any site to make a request to any other site. Without Same Origin Policy , any web page would be able to access the DOM of other pages.
If you need to enable CORS on the server in case of localhost, you need to have the following on request header.