So I am quite confused by this CORS policy stuff, and hoping someone could try explain it to me a little better.
Here is the situation. I want to access the Google Gmail API inside my Wappler App
I added the project to Google developer console
Opened Wappler, created a new project, made sure it was on a real domain with an Apache webserver.
Before even creating a single file in the app, I wanted to begin with Server Connect and see if I could use the Google provided credentials to make the connection.
Created new server action
Added OAuth2 Provider
Entered Name, Chose Google as the Service, added the Client Id and Client Secret from the Google Console, left Token Handling as Session, left Verify SSL on, no params added and did not check the box for Client Credentials.
Added OAuth2 Authorize
Chose my Provider, and added a single scope to the https://www.googleapis.com/auth/gmail.readonly
Hit save to the Server Action, and clicked the Run In Browser button, it gave an error right away from a google screen saying add the path to the Authorized redirect URIs in the google developer console. Went and did that, saved, and in Wappler hit the Run In Browser button again from the Server Connect side.
This ran perfectly, asked what Google Account I wanted to use from my huge list, i clicked the one i wanted, then gave me a security warning about my Google Developer Console App no being safe which i said is fine, then asked me to add permissions in my google account for this request.
All went well
I created an index.php file and added all the standard stuff, like App Connect, Bootstrap etc. Added one fake paragraph on the page, and then added a call to my newly created and tested server action, I made it AutoLoad.
Thanks Dave, good idea, tried it, sadly still got the same error.
I also added to my .htaccess file earlier
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
As well as now your code in the head section, but same thing.
I think this is why I am confused, is it moaning about my own website or about google console, because i have added every permutation of redirect URL there too to try and get around it but with no real luck.
Can be a total nightmare and every time we have had success with CORS a few weeks later Chrome updates and seems to throw a load more complications in to the equation. That and we make changes server side which not all users have access to (we run all our own servers so we have that luxury). Sometimes it is worth contacting your hosts support and more often than not they can offer a solution.
Hahaha, in my case, i have the same situation as you, I have my own server, so I am meant to do something on my own server to fix it as I can do whatever i want, the problem is, I am no expert server admin guy, so my hosting provider tells me to ask my server admin, and then i have a conversation with myself and after an hour of arguing with myself i’m stuck in the same boat.
sadly, yeah, i did try that too. lol, the error is just silly in my opinion.
i honestly do not know if I am meant to be looking at my server, my files, or the google developer console, so far I am just adding entries to all in the hopes that if i throw enough paint around the room pretty soon it will all be covered and work.
I am reading through your first link at the moment and thats given me some tips, so trying a few things now.
Thanks so much for all the resources Dave, at least I now have a number of things i can fiddle around with, after watching a chinese youtube video for about 29 minutes which gave no clear answer at all, I had kind of reverted to here, but these links are all very helpful so far. Thanks
I think I have officially tried every method in every post you gave now Dave, and I still can not get around this CORS policy error. Anyone else got any other ideas of what I could possibly try, I would be very grateful. @patrick fixed a similar error I was having once when I was trying to access the Wappler API without me doing anything or a Wappler update, so I assume he made a change on the Wappler server to fix that, so im hoping it’s just something like that on my side.
