1. The problem I’m having:
I’m trying to retrieve the caddy metrics with a JS fetch
call. My metrics are behind a basic auth with the following caddyfile:
{
debug
admin off
}
(cors) {
@cors_preflight method OPTIONS
header {
Access-Control-Allow-Origin "{header.origin}"
Vary Origin
Access-Control-Expose-Headers "Authorization"
Access-Control-Allow-Credentials "true"
}
handle @cors_preflight {
header {
Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE"
Access-Control-Max-Age "3600"
}
respond "" 204
}
}
localhost {
import cors {header.origin}
basicauth {
# Username "bob", password "caddy"
bob $2a$14$ByLGH5zVnVzN1Jv7zeBQzeYzTNH9JLGvF9/8muK958xkNUdKJYFtG
}
metrics
}
It works well when I go on the page but I’m getting a cors error when I try to fetch that using fetch
from another domain.
2. Error messages and/or full log output:
PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.
3. Caddy version:
v2.7.6
4. How I installed and ran Caddy:
Using xcaddy
a. System environment:
macOS, in docker container and on the Mac
b. Command:
PASTE OVER THIS, BETWEEN THE ``` LINES.
./caddy run
d. My complete Caddy config:
PASTE OVER THIS, BETWEEN THE ``` LINES.
{
debug
admin off
}
(cors) {
@cors_preflight method OPTIONS
header {
Access-Control-Allow-Origin "{header.origin}"
Vary Origin
Access-Control-Expose-Headers "Authorization"
Access-Control-Allow-Credentials "true"
}
handle @cors_preflight {
header {
Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE"
Access-Control-Max-Age "3600"
}
respond "" 204
}
}
localhost {
import cors {header.origin}
basicauth {
# Username "bob", password "caddy"
bob $2a$14$ByLGH5zVnVzN1Jv7zeBQzeYzTNH9JLGvF9/8muK958xkNUdKJYFtG
}
metrics
}