Kaixhin / FGLab

Future Gadget Laboratory
https://kaixhin.github.io/FGLab/
MIT License
223 stars 34 forks source link

Cannot add project to host: Access-Control-Allow-Origin #17

Closed windj007 closed 8 years ago

windj007 commented 8 years ago

Hi!

Do not know, where to ask about FGLab, so asking here...

I deployed FGLab with two FGMachine instances via Docker on two separate nodes (one running lab+machine, second - only machine). I created a sample project scheme and uploaded it to the FGLab WUI.

Then, when I'm trying to add the project to a machine, the page throws an alert with message 'undefined'. In console, there is a message about cross-site scripting security. Please find the screenshot attached.

Any ideas, where to look and what to do?

Best regards, Roman. fglab

Kaixhin commented 8 years ago

The error is being triggered because something is going wrong with the CORS setup here - which reads in FGLAB_URL and should allow access from it. The fact that you're getting "home" (127.0.0.1) is strange. Could you post more details on the setup, including representative (fake) values for FGLAB_URL and FGMACHINE_URL?

windj007 commented 8 years ago

The setup was as follows: 1) node1 - fglab (docker), fgmachine (docker). FGLab listens to localhost:5080 these two containers are not linked together, but fgmachine references to fglab via http://localhost:5080 2) node2 - ssh tunnel to node1 which exposes 5080 to localhost of node2 and fgmachine in docker, which references to fglab also via localhost:5080. I was running the browser on my workstation, also via ssh tunnel. The idea was to protect installation (the servers are accessible from the WEB). Then, I realized that such a scheme cannot work due to direct requests from browser to machines. Now, I pointed fgmachine to public address node1:5080 and added iptables rules for protection.

So, this particular issue seems to be resolved.

Kaixhin commented 8 years ago

As you've identified, everything needs access to each other. If you're working with Docker, it should be possible to do multi-host networking (but I have no experience with this).