Open cryptaliagy opened 4 days ago
Just a guess - have you tried putting the CORS filter in front of the gRPC-web filter in the HTTP filter chain?
@fengli79 @wbpcode in case there is a deeper issue.
Tried it again just now for good measure, but it was originally in front of the gRPC-web filter. I tried moving it behind to see if that would fix anything and it didn't
Title: CORS headers not set for pre-flight request for gRPC
Description:
When using Envoy to proxy gRPC calls from a web frontend to a gRPC backend. Based on the Grpc-Message in the pre-flight response header, it seems that the pre-flight OPTIONS call is being proxied to the gRPC backend and not being handled by Envoy even though the CORS filter is enabled.
When making calls, neither the
http.ingress_http.cors.origin_invalid
orhttp.ingress_http.cors.origin_valid
increment.Manually adding in the CORS headers using
response_headers_to_add
shows the pre-flight OPTIONS call still being forwarded to the proxy, but since the response includes the appropriate CORS headers the client is still able to make the appropriate POST.Repro steps:
I've created a sample repository to show the issue: https://github.com/cryptaliagy/grpc-web-rs
Reproduction steps are outlined in the README including screenshots of the investigation
Admin and Stats Output:
/clusters:
/server_info: server_info.json
/stats: stats.txt
Config: https://github.com/cryptaliagy/grpc-web-rs/blob/main/envoy.yaml
Logs:
logs.txt