search

kerberos-io / factory

An enterprise ready, resilient and horizontal scalable solution for large video landscapes.
http://doc.kerberos.io/factory/first-things-first/
27 stars 9 forks source link

CORS Error on login #10

Closed mavericksy closed 2 years ago

mavericksy commented 2 years ago

Hi,

The enterprise install throws a CORS error when attempting to login. kerberos_cors_error

The API is just a subdomain of the factory domain.

cedricve commented 2 years ago

can you reach the api by by curling it or in the browser?

Kind regards, Verstraeten Cédric

On 5 Sep 2021, at 10:38, SumoSudo @.***> wrote:

 Hi,

The enterprise install has a CORS error when attempting to login.

The API is just a subdomain of the factory domain.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

mavericksy commented 2 years ago

Curling the factory.domain.com works. The api returns connection refused or not found.

api_backend curl_frontend

Sebastien-Meiffren commented 2 years ago

Hi I had the issue while doing my install. I've updated the configuration of nginx ... I'm trying to have it in a docker compose format therefore, my configuration is bit different : 

server
{
    listen 80;
    root /var/www/frontend;
    index index.html;
    location / {
        try_files $uri /index.html =404;
    }

    # Media: images, icons, video, audio, HTC
    location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
        expires 1M;
        access_log off;
        add_header Cache-Control "public";
    }

    # Javascript and CSS files
    location ~* \.(?:css|js)$ {
        try_files $uri =404;
        expires 1y;
        access_log off;
        add_header Cache-Control "public";
    }

    # Any route containing a file extension (e.g. /devicesfile.js)
    location ~ ^.+\..+$ {
        try_files $uri =404;
    }

    # I moved the API in the same domain name with an /api path. No more CORS issues
    location /api {
        proxy_pass http://127.0.0.1:8082;
    }
}

If you want to have it in a separate FQN, you need to add this in the API server configuration (still in NGINX)

  add_header 'Access-Control-Allow-Origin' '*' always; # if you are exposed on the internet, you will need to secure this line with the calling FQN
  add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
  add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
  add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
cedricve commented 2 years ago

By now should have been fixed, major changes have been added since this issue post.