CORS YASGUI issue

[ch-sander]

I fail to set up shmarql behing reverse proxy

docker-compose.yml

  nginx:
    image: nginx:latest
    container_name: nginx-proxy
    ports:
      - "8000:8000" # delete port from shmarql service as will be routed by nginx
    volumes:
      - ./config/nginx.conf:/etc/nginx/nginx.conf
#      - ./auth/.htpasswd:/etc/nginx/.htpasswd
    restart: unless-stopped

  shmarql:
    image: ghcr.io/epoz/shmarql:latest
    container_name: shmarql
    # ports:
    #   - "8000:8000"
    volumes:
      - ./databases:/data
      - ./app/results/rdf:/rdf
      - ./app/results/ontology:/ontology
      - ./app/data_oxigraph:/store
    environment:
      - DEBUG=1
      # - DATA_LOAD_PATHS=/rdf/
      - FTS_FILEPATH=/data/fts
      - RDF2VEC_FILEPATH=/data/vec
      - SCHEME=http://
      - DOMAIN=192.168.177.145:8000
      - SITE_URI=http://192.168.177.145/
      # - TBOX_PATH=/ontology/config.ttl
      - STORE_PATH=/store

nginx config

# daemon off;
events {
    worker_connections  1024;
}
http {
    server {
        server_name localhost 127.0.0.1 192.168.177.145;
        listen 8000;

        # Set CORS headers for all responses
        add_header 'Access-Control-Allow-Origin' '*' always;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
        add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always;

        location / {
            if ($request_method = 'OPTIONS') {
                add_header 'Access-Control-Allow-Origin' '*';
                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
                add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
                add_header 'Access-Control-Allow-Credentials' 'true';
                add_header 'Content-Type' 'text/plain; charset=utf-8';
                add_header 'Content-Length' 0;
                return 204;
            }

            proxy_pass http://shmarql:8000;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_ignore_client_abort on;
        }
    }
}

• The shmarql endpoint works fine
• /sparql loads and shows YASGUI interface
• any query results in a CORS error:

  POST /sparql undefined
  Host: 127.0.0.1:8000
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0
  Accept: application/sparql-results+json,*/*;q=0.9
  Accept-Language: de,en-US;q=0.7,en;q=0.3
  Accept-Encoding: gzip, deflate, br, zstd
  Content-Type: application/x-www-form-urlencoded
  Content-Length: 250
  Origin: http://192.168.177.145:8000
  Connection: keep-alive
  Referer: http://192.168.177.145:8000/
  Sec-Fetch-Dest: empty
  Sec-Fetch-Mode: cors
  Sec-Fetch-Site: cross-site
  Priority: u=0

[ch-sander]

I also set

https://github.com/epoz/shmarql/blob/8811fddb8f7f4b104e504437564616cd2f290776/src/app/config.py#L4-L7

to *

No success, sadly. Will stop here.

[ch-sander]

Solved it, was a cache issue after all :( Nginx not needed as CORS is handled by fastapi sufficiently well.

But I didn't manage to not expose the public IP and have queries sent to the local network alone. It would seem safer if requests are only made within the Docker network, e.g. servicename:8000/sparql.

And I didn't test how all that behaves if behind a reverse proxy with https.