Closed jason-weiser closed 8 months ago
I'm going to guesstimate that this is the change that causes this:
Reverting back to 0.5.1 fixed this for me.
I am also having the same issue, cant request images from my website. Reverting to 0.5.1 like @krhnoo suggested, fixed the issue
Same. Nginx solution snippet:
add_header Access-Control-Allow-Origin *;
proxy_hide_header cross-origin-resource-policy;
add_header cross-origin-resource-policy cross-origin;
Do y'all think this is the cause of my problem? #64
This works for me but only when i added this line:
Header always set Cross-Origin-Resource-Policy "cross-origin"
my config for apache:
<VirtualHost yourdomain.com:443>
ServerName yourdomain.com
SSLEngine on
SSLCertificateFile fullchain.pem
SSLCertificateKeyFile privkey.pem
SSLCertificateChainFile fullchain.pem
SSLUseStapling on
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol +TLSv1.2 +TLSv1.3
SSLHonorCipherOrder On
SSLProxyEngine On
ProxyPreserveHost On
ProxyPass / http://localhost:8286/
ProxyPassReverse / http://localhost:8286/
RequestHeader set X-Forwarded-Proto "https"
Header always set Access-Control-Allow-Origin "yourdomain.com"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
Header always set Access-Control-Expose-Headers "Content-Security-Policy, Location"
Header always set Access-Control-Max-Age "600"
Header always set Cross-Origin-Resource-Policy "cross-origin"
#RemoteIPHeader CF-Connecting-IP
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
SSLStaplingCache shmcb:/tmp/stapling_cache(128000)
i have the same problem,back to version 0.5.1, the problem has been solved
should be fixed in next version
Hi! Thank you so much for your work on this project. I just started it up and it seems like it's exactly what I'm looking for.
I am having one issue, though, and I'm almost certain it has to do with my config.
I have everything behind an Apache reverse proxy and I can access my site, upload, and view images on there just fine, but when I try to embed those images into a different website, I get this error in firefox:
'The resource at “https://MYSITE.jpg” was blocked due to its Cross-Origin-Resource-Policy header (or lack thereof). See https://developer.mozilla.org/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)#'
Here is my docker-compose.yml:
And here's my Apache conf:
Like I said, I'm almost certain it's an issue with my config, but I can't seem to figure out what that is. Would you happen to know?