So I’m trying to host a SPA website, and this website sends at one point a request to a different server using external library. But it fails - there is no CORS header.
(the external server is currently hosted on my internal network just for testing purposes)
I added cors
to my config file but it didn’t help.
This is my config file:
:2019
root ./dist
rewrite {
regexp .*
to {path} /
}
cors
Error from console:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://10.55.50.111:8069/xmlrpc/2/common. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
Request sent:
Host: 10.55.50.111:8069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: */*
Accept-Language: en-US,en;q=0.7,pl;q=0.3
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,user-agent
Referer: http://localhost:2019/
Origin: http://localhost:2019
Connection: keep-alive
Response:
HTTP/1.0 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: 807
Server: Werkzeug/0.14.1 Python/3.6.8
Date: Mon, 09 Sep 2019 10:47:34 GMT
I thought I need a proxy of some kind. Unfortunately I’m a newbie and I don’t really understand how proxies work. But still I tried to make one.
I added this my config:
proxy /xmlrpc/2/common http:10.55.50.111:8069 {
transparent
header_downstream Access-Control-Allow-Origin "*"
}
And changed request IP inside my website’s javascript from 10.55.50.111:8069
to localhost
.
But it broke the request:
Sent request:
Host: localhost:2019
User-Agent: NodeJS XML-RPC Client
Accept: text/xml
Accept-Language: en-US,en;q=0.7,pl;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://localhost:2019/
Content-Type: text/xml
Origin: http://localhost:2019
Content-Length: 317
Connection: keep-alive
Response:
HTTP/1.1 405 Method Not Allowed
Access-Control-Allow-Origin: *
Content-Type: text/plain; charset=utf-8
Server: Caddy
Vary: Origin
X-Content-Type-Options: nosniff
Date: Mon, 09 Sep 2019 10:37:00 GMT
Content-Length: 23
As you can see there is Method not allowed
in the response and I don’t know why.
How do I do this?