search

jalik / meteor-jalik-ufs

Upload File System for Meteor **DISCONTINUED**
MIT License
100 stars 29 forks source link

No 'Access-Control-Allow-Origin' header is present on the requested resource. #101

Open cricrio opened 7 years ago

cricrio commented 7 years ago

I have deployed my app following this tutorial : https://medium.com/@tomgoldenberg/deploying-a-meteor-app-with-nginx-from-scratch .

Everything is working but I can't upload images. I have a error when I try to upload : "No 'Access-Control-Allow-Origin' header is present on the requested resource".

I understand that it's CORS problem but I don't find how to solve it.

jalik commented 7 years ago

@cricrio I am sorry I've never encountered this error and I can't fix or debug if I don't have the same context (environment) as you...

note : the link you gave leads to a 404 error.

cricrio commented 7 years ago

Sorry, here is a link that work : https://medium.com/@tomgoldenberg/deploying-a-meteor-app-with-nginx-from-scratch-1332b32e99a5#.xps7wz6gt

jalik commented 7 years ago

@cricrio, do you have this problem if you run the app by executing meteor run ? Or is this a problem related to Nginx ?

cricrio commented 7 years ago

I don't have this problem with meteor run. I only have this problem when I deploy on my server. So It may be related to Nginx.

mmazloum commented 7 years ago

WebApp.rawConnectHandlers.use(function(req, res, next) { res.setHeader("Access-Control-Allow-Origin", "*"); return next(); });

in your main.js on server startup should do the trick ;-) @cricrio

jalik commented 7 years ago

@mmazloum UFS is already handling that : https://github.com/jalik/jalik-ufs/blob/master/ufs-server.js#L58-L63 https://github.com/jalik/jalik-ufs/blob/master/ufs-server.js#L85 https://github.com/jalik/jalik-ufs/blob/master/ufs-server.js#L110

I think it's more a problem of server config, @cricrio have a look at this sample Nginx config :


# Hide server info
server_tokens off;

# Allow web sockets
map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

# Load balancing setup
upstream myapp {
    ip_hash;
    server server1:3000;
    server server2:3000;
    server server3:3000;
}

# Redirect to HTTPS
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name yourserver.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name yourserver.com;
    ssl on;

    # SSL Certificats
    ssl_certificate /etc/letsencrypt/live/yourserver.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourserver.com/privkey.pem;
    #ssl_trusted_certificate /etc/nginx/ssl/yourserver.com/ca-certs.pem;

    # Improve SSL performances
    ssl_stapling on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 5m;

    # Improve SSL security
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK';

    # Enable HSTS to avoid SSL stripping
    add_header Strict-Transport-Security "max-age=31536000;";

    # If your application is not compatible with IE <= 10, this will redirect visitors to a page advising a browser update
    # This works because IE 11 does not present itself as MSIE anymore
    if ($http_user_agent ~ "MSIE" ) {
           return 303 https://browser-update.org/update.html;
    }

    location / {
        proxy_pass http://myapp;
        #proxy_set_header X-Forwarded-For $remote_addr; # preserve client IP
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Nginx-Proxy true;
        proxy_set_header Host $host;
        proxy_redirect off;

        # Websockets
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade; # allow websockets
        proxy_set_header Connection $connection_upgrade;

        # this setting allows the browser to cache the application in a way compatible with Meteor
        # on every application update the name of CSS and JS file is different, so they can be cache infinitely (here: 30 da$
        # the root path (/) MUST NOT be cached
        if ($uri != '/') {
            expires 30d;
        }
    }
}```