Django-cms + Wymeditor + Heroku + AWS s3 + Cors

Matteo Suppo

unread,

Oct 11, 2012, 1:25:19 PM10/11/12

to django...@googlegroups.com

Ok, here's a fun one.

I set up a django installation on Heroku, added the django-cms app, deployed on heroku, and collected the static files on AWS.

The problem is Django-CMS tries to load the js file for the wymeditor but AWS says:

MLHttpRequest cannot load https://s3.amazonaws.com/[...]/cms/js/wymeditor/skins/django/skin.js. Origin [...] is not allowed by Access-Control-Allow-Origin.

I actually searched a lot, and discovered this: http://docs.amazonwebservices.com/AmazonS3/latest/dev/cors.html

Seems like a solution, but even if I activated it, nothing works.

I'm at loss. It should work but it doesn't. Am I missing something here? Maybe it doesn't work the way I thought? Should I ask AWS directly?

Matteo Suppo

unread,

Oct 11, 2012, 1:42:18 PM10/11/12

to django...@googlegroups.com

Apparently with Firefox I don't have the CORS problem. It doesn't work either but at least it's a different error message:

Error: Permission denied to access property 'styleSheets'

styles = this._doc.styleSheets[0];
that brought me to this: http://stackoverflow.com/questions/2206586/wymeditor-across-subdomains-cross-site-permission-issue

Hmm I'll try it

Matteo Suppo

unread,

Oct 11, 2012, 1:57:30 PM10/11/12

to django...@googlegroups.com

I found this: http://comments.gmane.org/gmane.comp.python.django.django-cms/1202

and I decided to use tinymce for now. It's not solved though. I will do something, maybe.

On Thursday, October 11, 2012 7:25:19 PM UTC+2, Matteo Suppo wrote:

Zach Frank

unread,

Sep 7, 2013, 4:23:54 PM9/7/13

to django...@googlegroups.com, matteo...@gmail.com

Having this same problem... did you fix it? I'm using heroku, django-cms, s3 for static files and i'm getting the same domain origin error.. any new insights appreciated.

Z

Zach Frank

unread,

Sep 7, 2013, 4:31:42 PM9/7/13

to django...@googlegroups.com, matteo...@gmail.com

Having same problem.. did you figure anything out?

Z

On Thursday, October 11, 2012 12:57:30 PM UTC-5, Matteo Suppo wrote:

Dig

unread,

Sep 8, 2013, 11:34:42 AM9/8/13

to django...@googlegroups.com, matteo...@gmail.com

I don't think it's a django question. For security reasons, HTTP browser will block access resources in a different site(domain) by AJAX request. You should add Access-Control-Allow-Origin and Access-Control-Allow-Methods headers (response for OPTION request) to declar your willings.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
For more options, visit https://groups.google.com/groups/opt_out.

Reply all

Reply to author

Forward