Open arladmin opened 1 year ago
Any insights, anyone?
Use this
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type'; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
Hey any updates on this? I'm getting the same issues. My headers are not getting added. Or they seem to get added twice, which also breaks CORS.
Hey there,
I think I may also be facing a similar issue using NPM with the "Your_Spotify" self-hosted dashboard - everything works when I use localhost redirects for Oauth, but as soon as I redirect via my FQDN, I get CORS errors. I tried adding the headers mentioned above, but to no effect
Specifically, it's an SSL cipher mismatch error which seems to be caused by the CORS misbehavior:
Try edit data/nginx/proxy_host/x.conf (x means your website id 1 or 2 or 3 etc.,) like this
# ------------------------------------------------------------
# abc.domain.com
# ------------------------------------------------------------
map $scheme $hsts_header {
https "max-age=63072000; preload";
}
server {
set $forward_scheme http;
set $server "xxx.xxx.xxx.xxx";
set $port xxxx;
listen 80;
listen [::]:80;
server_name abc.domain.com;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
access_log /data/logs/proxy-host-1_access.log proxy;
error_log /data/logs/proxy-host-1_error.log warn;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
# Proxy!
include conf.d/include/proxy.conf;
}
# Custom
include /data/nginx/custom/server_proxy[.]conf;
}
This issue still exists in v2.11.2!
Additionally, don't know why, but after editing the x.conf
file manually, the following config resolves this issue:
server {
...
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
...
location / {
...
proxy_hide_header 'access-control-allow-origin';
...
}
}
Now, the issue that remains is: it's seemingly not possible to set the above config via the GUI.
Because, if any config added via the 'Custom Locations' setting, goes into the location
block only.
@jc21
Why is this so? And, how to be able to set this config via GUI itself?
Additionally, don't know why, but after editing the
x.conf
file manually, the following config resolves this issue:server { ... add_header 'Access-Control-Allow-Origin' $http_origin always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type' always; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; ... location / { ... proxy_hide_header 'access-control-allow-origin'; ... } }
Now, the issue that remains is: it's seemingly not possible to set the above config via the GUI. Because, if any config added via the 'Custom Locations' setting, goes into the
location
block only.@jc21
Why is this so? And, how to be able to set this config via GUI itself?
today i had a similar issue, just added a "custom locations" in that particular proxy host via. web gui
location : "/" Scheme, Hostname and Forward Port exactly the same as in Details
Press the gear symbol and i added the following in the "custom NGINX configuration" field:
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
after that change, the CORS issue was gone and my homer dashboard finaly showed the uptime value
Checklist
jc21/nginx-proxy-manager:latest
docker image?Describe the bug
I keep running into CORS issues with my app (which is behind Nginx Proxy Manager).
Nginx Proxy Manager Version
2.9.19
To Reproduce
This is my config, under Custom Locations (location = '/')
This is the response in the browser, for the OPTIONS api call:
If i change the config to this:
then the response becomes this-->
What could be the issue here? And how do i go about resolving it?
Thanks.