1. The problem I’m having:
I am trying to make a config that acts as a dynamic CORS proxy, like corsanywhere, based on this: Caddy as a CORS proxy
I am aware of this reply on a similar thread, but it didn’t help, unfortunately.
For some reason, I am getting an HTTP 502 code. I assume this is because of Caddy adding a slash before the URL, as I saw in the logs.
I tried logging using: respond "Original URI: {http.request.uri} Original Path: {http.request.uri.path} Rewritten to: {uri}" 200
Got: Original URI: https:/archive.org/robots.txt Original Path: https:/archive.org/robots.txt Rewritten to: https:/archive.org/robots.txt
I also tried adding https:// before {uri} but got:
Error: adapting config using caddyfile: parsing caddyfile tokens for 'reverse_proxy': parsing upstream 'https://{http.request.uri}': due to parsing difficulties, placeholders are not allowed when an upstream address contains a scheme, at Caddyfile:59
2. Error messages and/or full log output:
{"level":"debug","ts":1730962007.8934832,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_ip":"xxxxx","remote_port":"15428","client_ip":"xxxxxx","proto":"HTTP/2.0","method":"GET","host":"api.example.app","uri":"/https://archive.org/robots.txt","headers":{"Cf-Connecting-Ip":["xxxxx"],"X-Forwarded-For":["xxxxx"],"User-Agent":["curl/8.5.0"],"Accept-Encoding":["gzip, br"],"X-Forwarded-Proto":["https"],"Cdn-Loop":["cloudflare; loops=1"],"Cf-Ipcountry":["xxxx"],"Cf-Visitor":["{\"scheme\":\"https\"}"],"Accept":["*/*"],"Cf-Ray":["xxxxxx-xxxx"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"api.example.app"}},"method":"GET","uri":"https:/archive.org/robots.txt"}
{"level":"debug","ts":1730962007.8936129,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"archive.org/robots.txt:0","total_upstreams":1}
{"level":"debug","ts":1730962007.8938036,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"{http.request.uri}","duration":0.000146441,"request":{"remote_ip":"xxxxx","remote_port":"15428","client_ip":"xxxxx","proto":"HTTP/2.0","method":"GET","host":"archive.org/robots.txt:0","uri":"https:/archive.org/robots.txt","headers":{"Cdn-Loop":["cloudflare; loops=1"],"Cf-Ray":["8deb5e4528922be9-FRA"],"Cf-Connecting-Ip":["xxxxxx"],"Accept-Encoding":["gzip, br"],"Cf-Ipcountry":["DE"],"Accept":["*/*"],"Cf-Visitor":["{\"scheme\":\"https\"}"],"User-Agent":["curl/8.5.0"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"api.example.app"}},"error":"dial tcp: lookup archive.org/robots.txt: no such host"}
{"level":"error","ts":1730962007.893925,"logger":"http.log.error.log1","msg":"dial tcp: lookup archive.org/robots.txt: no such host","request":{"remote_ip":"xxxxx","remote_port":"15428","client_ip":"xxxxxx","proto":"HTTP/2.0","method":"GET","host":"api.example.app","uri":"/https://archive.org/robots.txt","headers":{"Cf-Visitor":["{\"scheme\":\"https\"}"],"Accept":["*/*"],"Cf-Ray":["xxxxx-xxxx"],"User-Agent":["curl/8.5.0"],"Accept-Encoding":["gzip, br"],"X-Forwarded-Proto":["https"],"Cdn-Loop":["cloudflare; loops=1"],"Cf-Ipcountry":["xxx"],"X-Forwarded-For":["xxxxx"],"Cf-Connecting-Ip":["xxxxx"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"api.example.app"}},"duration":0.000509643,"status":502,"err_id":"c97vn8it4","err_trace":"reverseproxy.statusError (reverseproxy.go:1267)"}
3. Caddy version:
v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=
4. How I installed and ran Caddy:
a. System environment:
Linu 5.15.0-94-generic #104-Ubuntu SMP Tue Jan 9 15:26:57 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux
b. Command:
/usr/bin/caddy run --environ --config /srv/conf/Caddyfile
c. Service/unit/compose file:
# /lib/systemd/system/caddy.service
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /srv/conf/Caddyfile
ExecReload=/usr/bin/caddy reload --config /srv/conf/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576:1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
StandardOutput=append:/var/log/caddy/caddy.log
StandardError=append:/var/log/caddy/caddy-error.log
[Install]
WantedBy=multi-user.target
d. My complete Caddy config:
(cors) {
	header {
		Access-Control-Allow-Origin "{http.request.header.Origin}"
		Access-Control-Allow-Credentials true
		Access-Control-Allow-Methods *
		Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
	}
	@options {
		method OPTIONS
	}
	@not-options {
		not method OPTIONS
	}
}

https://api.example.app {
	log {
		output file /var/log/caddy/faidah.log
		level DEBUG
	}
	respond @options 204
	uri replace "https://api.example.app/" ""
	uri strip_prefix /
	#respond "Original URI: {http.request.uri} Original Path: {http.request.uri.path} Rewritten to: {uri}" 200
	reverse_proxy {uri} {
		header_up Host {upstream_hostport}
		header_up -X-Forwarded-Host
		header_up -X-forwarded-For
		header_up -X-forwarded-Proto
		header_down -Access-Control-Allow-Origin
		transport http {
			tls_insecure_skip_verify
		}
	}
	import cors
}
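
The debug log in the post shows the whole rewritten URI being used as the dial address ("archive.org/robots.txt:0"), which is why the lookup fails. As an added example (not part of the original post and not Caddy's own code), this Go program splits such a request URI into a dial address, a Host header value and an upstream URI, and accepts only allowlisted hostnames. `ParseTarget`, `Target` and `allowedHosts` are hypothetical names, and the allowlist and sample inputs are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
	"regexp"
	"strings"
)

// Constructed allowlist for this example; a deployment supplies its own.
var allowedHosts = map[string]bool{"archive.org": true}

// Path cleaning can collapse "https://" to "https:/", so accept one or more slashes.
var schemeSlashes = regexp.MustCompile(`^(https?):/+`)

// Target (hypothetical type): dial address, Host header value, upstream path+query.
type Target struct{ Dial, Host, URI string }

// ParseTarget (hypothetical helper) splits a request URI such as
// "/https://archive.org/robots.txt" into the parts a reverse proxy needs.
func ParseTarget(requestURI string) (Target, error) {
	raw := strings.TrimPrefix(requestURI, "/")
	m := schemeSlashes.FindStringSubmatch(raw)
	if m == nil {
		return Target{}, errors.New("target must start with http:// or https://")
	}
	u, err := url.Parse(m[1] + "://" + raw[len(m[0]):])
	if err != nil || u.Hostname() == "" || u.User != nil {
		return Target{}, errors.New("malformed target URL")
	}
	host := strings.ToLower(u.Hostname())
	// Refuse IP literals and any name not on the allowlist.
	if net.ParseIP(host) != nil || !allowedHosts[host] {
		return Target{}, fmt.Errorf("host %q is not allowlisted", host)
	}
	port := u.Port()
	if port == "" {
		port = map[string]string{"http": "80", "https": "443"}[u.Scheme]
	}
	return Target{net.JoinHostPort(host, port), u.Host, u.RequestURI()}, nil
}

func main() {
	for _, in := range []string{"/https://archive.org/robots.txt", "https:/archive.org/robots.txt", "/https://127.0.0.1/"} {
		t, err := ParseTarget(in)
		fmt.Printf("%-34s -> %+v err=%v\n", in, t, err)
	}
}
```

Both the original and the slash-collapsed form of the URI from the log resolve to the same dial address, while IP literals and hosts outside the allowlist are refused before any connection is made.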