'Getting a 405 error when loading static files after POST redirect in flask
I am pretty new to flask programming and have hit a roadblock. I'm trying to display a form on a page and POST it's data to the same site. When I'm done handling the POST data I try to render the page the same way I would using a GET, but the static CSS file fails to load with a 405: Method not allowed. The same behavior shows when I try to return a redirect to the same page, so it uses GET. I believe it is a cross-site-origin problem, but I've tried all the solutions I've found and the issue persisted so far.
My HTML form:
<form method="POST">
<input type="text" id="adduser" name="add" placeholder="Username">
<button type="submit"><i class="icon-plus"></i></button><br>
<label for="adduser"><small>Add user</small></label><br>
</form>
My flask code:
...
app = Flask(__name__)
# I've also tried this without the resources tag and the after_request handler
CORS(app, supports_credentials=True, resources={r"*": {"origins": "*"}})
@app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Headers', 'Content-Type, Authorization')
response.headers.add('Access-Control-Allow-Methods', 'GET, POST, PATCH, DELETE, OPTIONS')
response.headers.add('Access-Control-Allow-Origin', '*')
return response
...
# Redacted some more GET endpoints
...
@app.route("/folders/<path:subpath>", methods=['GET', 'POST'])
def view_folder(subpath):
# Gather user data and validate path
...
if request.method == 'POST':
# Handle data and update db
pass # ...
# Also tried redirect(url_for('view_folder', subpath=subpath))
return render_template('view_folder.html', folder=subpath)
This works when performing a normal GET request, but when the form POSTs the static resources do not get loaded by the rendered template, but fail with a 405 instead.
The network tool on my browser shows the following:
General:
Request URL: http://127.0.0.1:5000/static/main.css
Request Method: GET
Status Code: 405 METHOD NOT ALLOWED
Remote Address: 127.0.0.1:5000
Referrer Policy: strict-origin-when-cross-origin
Response Headers:
Access-Control-Allow-Headers: Content-Type, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Allow: HEAD, GET, OPTIONS
Content-Length: 178
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Apr 2022 13:17:46 GMT
Server: Werkzeug/2.1.1 Python/3.10.0
The HTML loading the CSS looks like this:
<link rel="stylesheet" type="text/css" href="{{ url_for('static', filename='main.css') }}" />
Am I missing a CORS setting for static files or something else obvious?
Solution 1:[1]
Okay, I found the problem:
You have to read out request.form at least once in your view code, else it won't properly load/process the form data, at least that's how I interpret this.
So a
if request.method == 'POST':
data = request.form
fixes the problem.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | atlasax |