bluenviron / mediamtx

Ready-to-use SRT / WebRTC / RTSP / RTMP / LL-HLS media server and media proxy that allows to read, publish, proxy, record and playback video and audio streams.
MIT License
12.18k stars 1.53k forks source link

Custom WebRTC Player PATCH CORS issue #2941

Closed 0xAl3xH closed 9 months ago

0xAl3xH commented 9 months ago

Which version are you using?

v1.4.2

Which operating system are you using?

Describe the issue

Description

Describe how to replicate the issue

I am trying to get a custom WebRTC video player working by starting off and modifying the video player that is currently served up when we visit a stream URL. Besides pointing the fetch requests in the video player to my stream endpoint, I have changed nothing. However, I am running into a CORS issue at the PATCH request:

Access to fetch at '[my stream url]/whep/f521a85c-f128-45cf-8d40-70fb9c6cb9a1' from origin 'null' has been blocked by CORS policy: Method PATCH is not allowed by Access-Control-Allow-Methods in preflight response.

I thought this could be because I'm making the request from a file:// so I tried using a simple local http server but got similar results

Access to fetch at '[my stream url]/whep/918515f7-2bc2-4e7e-a1b4-c56f8e20caff' from origin 'http://127.0.0.1:8080' has been blocked by CORS policy: Method PATCH is not allowed by Access-Control-Allow-Methods in preflight response.

I would like to be able to modify/use the current video player served by MediaMTX as a baseline so it would be great to know if this is an issue or how I can get it working.

Did you attach the server logs?

no

Did you attach a network dump?

no

0xAl3xH commented 9 months ago

This turned out to be our own issue and not MediaMTX. We have a proxy server in front of MediaMTX which didn't have PATCH under Access-Control-Allow-Methods and If-Match under Access-Control-Allow-Headers

ggregory8 commented 6 months ago

I am getting the same error Access to fetch at 'http://x.x.x.x:8889/cam/whep/c68427b1-05df-4ea3-8f01-36546a7aa597' from origin 'http://127.0.0.1:8080' has been blocked by CORS policy: Method PATCH is not allowed by Access-Control-Allow-Methods in preflight response when using the sample /webrtc/read_index.html page from an external source from my development machine and pointing the fetch requests to the server like OP did.

I can see the returned header is missing the PATCH option Access-Control-Allow-Methods: PUT, GET, HEAD, POST, DELETE, OPTIONS even though I confirmed the server is setting it here as Access-Control-Allow-Methods: OPTIONS, GET, POST, PATCH, DELETE. Is this response getting routed through somewhere else that is changing the Access-Control-Allow-Methods header?

I am running current main branch. And not running through any proxy.

@0xAl3xH what proxy were you using and your solution?