Enable CORS

I need support to enable CORS in Kobo (noting that I am using humanitarian server)

Is this possible

Hi @Ahmad, this is possible if you are hosting your own instance of KoBo — for safety we cannot enable this on the production servers. In the admin interface of the instance you can adjust CORS settings here:

CORS

However depending on your use-case this might not be necessary. Is it possible to run your script outside of the browser? If so, you won’t have to deal with CORS issues.

2 Likes

Thank you so much @Josh , please note that I am using the “kobo.humanitarianresponse.info” server.

In regard to my use-case, please note that the main goal is to provide the ability to edit the records for the person who filled the form, I am not sure if sharing an html file is a good idea, but I am still searching to find the best way to do this.

FYI: I am not a programmer, and I am trying to find a good solution from the community here.

Again, thank you and to KoBo team for all the support.

Hi @Ahmad, in that case you will need to make sure the request is happening outside of the browser.

You can try using something like this as a simple script:

#!/usr/bin/env python3

import requests

ASSET_UID = 'your asset uid'
PK = 123456789 # the id of your submission
TOKEN = 'your secret token'
SERVER_URL = 'kobo.humanitarianresponse.info' # your server URL


def get_request_url():
    return f'{SERVER_URL}/api/v2/assets/{ASSET_UID}/data/{PK}/enketo/edit/?return_url=false'


def get_edit_url(request_url):
    res = requests.get(request_url, headers={'Authorization': f'Token {TOKEN}'})
    data = res.json()
    if 'url' in data:
        return data['url']
    else:
        return data['detail']


def main():
    request_url = get_request_url()
    edit_url = get_edit_url(request_url)
    print(edit_url)


if __name__ == '__main__':
    main()

You can copy-and-paste this into a file called edit.py, enter your details at the top and then run it (if you have python installed) like:

python3 edit.py

And it will give you something like:

https://ee.humanitarianresponse.info/edit/wqhDXK3X?instance_id=516510a3-6217-4f12-baa9-16abb528b10e&return_url=false

Or:

Not allowed. Record is already being edited
2 Likes

Thank you so much

2 Likes

I deployed a local kobo docker using kobo-install. I enabled the CORS origin as mentionned in the kf.kobo.local/admin interface. However my requests from the browser to the API kf.kobo.local/api/v2/assets/ are still coming back with the errors:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at xxx . (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at xxx. (Reason: CORS request did not succeed). Status code: (null).

Any suggestion?