DominoVagrant / demo


CORS Header Example #14

Open JoelProminic opened 1 year ago

JoelProminic commented 1 year ago

If the user wants to call resources or agents on their real server from their test application on demo/DEMO, they'll need to configure the CORS headers for the server to allow access. We can do this with a document in the Configuration > Web > Internet Sites view in names.nsf.

I would like to write up some quick instructions for how to do this, and consider if it is something that can be automated.

Note that these steps require additional roles for names.nsf. See #13.

JoelProminic commented 1 year ago

Here is my initial attempt (not yet tested) based on existing documents:

  1. Open demo/DEMO, names.nsf
  2. Open Configuration > Web > Internet Sites
  3. Click "Add Internet Site... > Web"
  4. Fill in document according to table below
  5. Save & Close
  6. Reopen the document and click Web Site > Create Rule
  7. Populate the fields as below
  8. Save & close
  9. Restart the server (can use vagrant reload for simplicity)
  10. Call a deployed agent to confirm that the headers are working.

Internet Site Document:

| Label | Field | Value | Notes |
| --- | --- | --- | --- |
| N/A | Form | WebSite | |
| Descriptive name | ISiteName | demo/DEMO | |
| Organization | ISiteOrg | DEMO | |
| Use this website... | WSIsDflt | Yes ("1") | TODO: Is there a better way to do this? |
| Host names or addresses | | | Disabled by above option |
| Domino server that host this site | WSHostingSrvrs | "*" | |

| Label | Field | Value | Notes |
| --- | --- | --- | --- |
| N/A | Form | WebRule | |
| Description | Comment | "Default Headers" | |
| Type of rule | MappingType | HTTP response headers ("4") | |
| Incoming URL Pattern | RM_MapFrom | "*" | |
| HTTP Response Codes | Hdr_Codes | 200, 206, 304, 302, 301 (Number List) | TODO: more? |
| Expires header | Hdr_Ex_En | Always add header ("2") | TODO: this may be unrelated |
| N/A | Hdr_Ex_Opt | Specify as date ("1") | |
| Specify as Date | Hdr_Ex_Date | choose a past date so that the cache is always expired ("12/14/2022") | |
| Custom headers | | | |
| Name (Row 1) | Hdr_Cname_1 | Access-Control-Allow-Origin | |
| Value (Row 1) | Hdr_Cval_1 | Example: "https://localdev.prominic.net" | |
| Override (Row 1) | Hdr_C_Ovr_1 | checked ("1") | Change as desired |
| Applies to (Row 1) | Hdr_CApplies_1 | All ("3") | |
| Name (Row 2) | Hdr_Cname_2 | Access-Control-Allow-Credentials | UPDATE: Additional required header |
| Value (Row 2) | Hdr_Cval_2 | "true" | |
| Override (Row 2) | Hdr_C_Ovr_2 | checked ("1") | Change as desired |
| Applies to (Row 2) | Hdr_CApplies_2 | All ("3") | |

In addition, we need to enable the internet sites document in the server document:


| Label | Field | Value | Notes |
| --- | --- | --- | --- |
| Load Internet configurations from Server\Internet Sites documents | LdISite | Enabled ("1") | |

Some additional documentation for future reference:

JoelProminic commented 1 year ago

While testing with Adrian today, we got another CORS error that I had forgotten:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://127.0.0.1:8080/PerformanceStats_BingTest.nsf/HostConfigComputedValueRead?OpenAgent. (Reason: expected ‘true’ in CORS header ‘Access-Control-Allow-Credentials’).

This just requires another header: "Access-Control-Allow-Credentials"="true". I updated the table above.
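
The browser-side check behind the error quoted in the comment above, as an added example that is not part of the original thread or the project's code: for a request sent with credentials, the response must echo the page's exact origin and carry `Access-Control-Allow-Credentials: true`. The function name and the sample responses are hypothetical and constructed for illustration.

```javascript
// Added example: mirrors the checks a browser applies to a credentialed
// cross-origin response. Header names come from the rule table in this
// issue; the function and variable names are hypothetical.
function checkCredentialedCors(pageOrigin, responseHeaders) {
  // HTTP header names are case-insensitive, so normalise before lookup.
  const headers = {};
  for (const [name, value] of Object.entries(responseHeaders)) {
    headers[name.toLowerCase()] = String(value).trim();
  }
  const problems = [];
  const allowOrigin = headers['access-control-allow-origin'];
  const allowCredentials = headers['access-control-allow-credentials'];

  if (allowOrigin === undefined) {
    problems.push('Access-Control-Allow-Origin is missing');
  } else if (allowOrigin === '*') {
    // A wildcard is only honoured for requests without credentials.
    problems.push('wildcard origin is rejected for credentialed requests');
  } else if (allowOrigin !== pageOrigin) {
    // A static rule carries one origin; any other calling page fails here.
    problems.push(`Access-Control-Allow-Origin "${allowOrigin}" does not match "${pageOrigin}"`);
  }
  // The value is compared case-sensitively: "True" or "TRUE" fails.
  if (allowCredentials !== 'true') {
    problems.push("expected 'true' in Access-Control-Allow-Credentials");
  }
  return problems;
}

// Constructed sample responses (not captured from a real server).
const origin = 'https://localdev.prominic.net';
const rowOneOnly = { 'Access-Control-Allow-Origin': origin };
const bothRows = {
  'Access-Control-Allow-Origin': origin,
  'Access-Control-Allow-Credentials': 'true',
};

console.log(checkCredentialedCors(origin, rowOneOnly)); // one problem
console.log(checkCredentialedCors(origin, bothRows)); // no problems
console.log(checkCredentialedCors('https://other.example', bothRows));
```

Against the running server, pass `Object.fromEntries(response.headers)` from a `fetch` call to the deployed agent instead of the sample objects.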

JoelProminic commented 1 year ago

Last week, I made an initial attempt to generate the documents using the JSON Import (#15) (note that the Access-Control-Allow-Credentials header is missing):

```json
{
    "title": "Import test contact documents",
    "versionjson": "1.0.0",
    "steps": [
        {
            "title": "--- Import Documents ---",
            "databases": [
                {
                    "action": "update",
                    "filePath": "names.nsf",
                    "documents": [
                        {
                            "action": "create",
                            "computeWithForm": true,
                            "items": {
                                "Form": "WebSite",
                                "ISiteName": "demo/DEMO",
                                "ISiteOrg": "DEMO",
                                "WSIsDflt": "1",
                                "WSHostingSrvrs": "*"
                            }
                        },
                        {
                            "action": "create",
                            "computeWithForm": true,
                            "items": {
                                "Form": "WebRule",
                                "Comment": "Default Headers",
                                "MappingType": "4",
                                "RM_MapFrom": "*",
                                "Hdr_Codes": [200, 206, 304, 302, 301],
                                "Hdr_Ex_En": "2",
                                "Hdr_Ex_Opt": "1",
                                "Hdr_Ex_Date": "12/14/2022",
                                "Hdr_Cname_1": "Access-Control-Allow-Origin",
                                "Hdr_Cval_1": "https://localdev.prominic.net",
                                "Hdr_C_Ovr_1": "1",
                                "Hdr_CApplies_1": "3"
                            }
                        },
                        {
                            "action": "update",
                            "findDocument": {
                                "Type": "Server",
                                "ServerName": "CN=demo/O=DEMO"
                            },
                            "computeWithForm": true,
                            "items": {
                                "LdISite": "1"
                            }
                        }
                    ]
                }
            ]
        }
    ]
}
```

This has the following problems:

If we don't have a workaround for the response document, this may need to be done with Java instead