search

Rob--W / cors-anywhere

CORS Anywhere is a NodeJS reverse proxy which adds CORS headers to the proxied request.
MIT License
8.57k stars 5.99k forks source link

Configuring cors-anywhere with nginx #410

Open corsnginx opened 2 years ago

corsnginx commented 2 years ago

Hi, thank you for the helpful package! I am already using cors-anywhere locally to proxy requests. Now I need to install it to a server where it runs behind nginx. I tried to follow the issues that discussed a solution to this problem, but still with no success.

https://github.com/Rob--W/cors-anywhere/issues/143#issuecomment-452468128 https://github.com/Rob--W/cors-anywhere/issues/173

My frontend requests the cors proxy at https://backend.tld/cors/https://...

My nginx config looks like this: 

# upgrade to https 
server {
        listen 80 default_server;
        listen [::]:80 default_server;
        server_name _;
         return 301 https://$host$request_uri;
}
server {
        error_log  /var/log/nginx/error_log crit;

        # SSL configuration
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;
        ssl_certificate /etc/ssl/cloudflare-cert.pem;
        ssl_certificate_key /etc/ssl/cloudflare-key.pem;
        ssl_client_certificate /etc/ssl/cloudflare-client-cert.crt;
        ssl_verify_client on;

        location /cors/ {
                if ($request_uri ~ ^/cors/(.*) ) {
                        set $cors_request_uri $1;
                }

                proxy_pass http://localhost:1337/$cors_request_uri; # also tried with ip instead, but the server runs at localhost
                 proxy_buffering off;
        }

I configured the cors-anywhere server to log incoming requests, but I don't get any output. The nginx server returns "500 Internal Server Error" for all requests under "https://backend.tld/cors/https://...", but I dont have any errors in my logfile. At this point I assume I am just being stupid, because the related issues are already pretty detailed but I just cant figure it out and any help would be greatly appreciated.

Rob--W commented 2 years ago

There is not enough information here for me to help.

Somewhere, a server is clearly generating 500 Internal Server Error. It's not CORS Anywhere itself, and according to you your error log is empty. You've set error_level to crit. I don't know if that could potentially be hiding errors, but if it does you could try to increase the log verbosity by setting it to something different, as documented at https://nginx.org/en/docs/ngx_core_module.html#error_log