Caddy instructions don't work with v2

monsur / enable-cors.org

Advocacy for CORS

http://enable-cors.org/

208 stars 98 forks source link

Caddy instructions don't work with v2 #153

Closed willstott101 closed 4 months ago

willstott101 commented 4 years ago

The cors extension/directive isn't included by default in v2.

run: adapting config using caddyfile: /etc/caddy/Caddyfile:28: unrecognized directive: cors

This post has a bit more information: https://caddy.community/t/v2-how-to-add-the-cors-authorization-via-caddyfile/6567/2

What I think should work is just using the header directive directly like this:

# Allow all cross origin requests
header {
    Access-Control-Allow-Origin *
    -Server
}

However I've ended up solving my problem another way, so haven't tested enough to start a PR

monsur commented 4 years ago

Hi, thanks for find this! Would you be able to submit a changelist to fix it? I'm not familiar with Caddy.

joshbmarshall commented 2 years ago

This works in Caddy2:

        header {
                Access-Control-Allow-Headers *
                Access-Control-Allow-Methods *
                Access-Control-Allow-Origin *
        }
        @options {
                method OPTIONS
        }
        respond @options 204

rozza-m commented 4 months ago

Just fell into this trap and lost some hours to it, like probably hundreds or thousands of other people. enable-cors.org is the #1 site on google for "caddy cors" and the information has been wrong since Caddy 2 (which is widely branded just "caddy") came out, which is coming up for 4 years ago.

It's not just not working, enable-cors.org is actively giving incorrect information. If you can't update it, just remove it at least so it's not wrong.

rozza-m commented 4 months ago

Pull created.

joshbmarshall commented 4 months ago

Did you try my suggested fragment above? I'm using it in production on dozens of sites.

monsur commented 4 months ago

@joshbmarshall would you be able to create a change? I'm happy to approve, but I'm not familiar with Caddy to make the change myself. If its a matter of just copying/pasting the code from your snippet above, I can do that as well. I'd just like verification that that is the correct snippet. Thanks!

joshbmarshall commented 4 months ago

Sure thing I've just created a new page for Caddy 2 and a pull request. I'm using it in production with this setting so I know it is correct.

rozza-m commented 4 months ago

amazing, this is a way better fix than mine :)