1. The problem I’m having:
I am trying to implement CORS to limit accessing the given matcher. If CORS policy does not match I do not want it to proceed to reverse_proxy. Rather over here, it is going to reverse_proxy and responding back to client as well. Origin is http://localhost:5173 whereas I have setup CORS for https://localhost:5174
Am I doing any wrong configuration over here? Please help me out.
2. Error messages and/or full log output:
3. Caddy version:
2.8.4
4. How I installed and ran Caddy:
Using docker
and docker compose
a. System environment:
Macbook Air M2, MacOS, Sonoma 14.5
c. Service/unit/compose file:
services:
caddy:
image: caddy:2.8.4-alpine
ports:
- 80:80
- 443:443
- 443:443/udp
environment:
- CREDS
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile
- caddy_data:/data
- caddy_config:/config
networks:
- internal-net
restart: unless-stopped
volumes:
caddy_data:
driver_opts:
type: none
o: bind
device: /Users/username/common/docker_volumes/caddy_data
caddy_config:
driver_opts:
type: none
o: bind
device: /Users/username/common/docker_volumes/caddy_config
networks:
internal-net:
name: internal-net
external: true
d. My complete Caddy config:
(cors) {
@origin{args[0]} header Origin {args[0]}
header @origin{args[0]} Access-Control-Allow-Origin "{args[0]}"
header @origin{args[0]} Vary Origin
}
examplesite.localhost {
@posttoken {
method POST
path /token/oauth
}
handle @posttoken {
import cors "https://localhost:5174"
reverse_proxy {
to https://www.example.com
header_up Authorization "Basic dXNlckBleGFtcGxlLmNvbTpwYXNzd29yZA=="
header_up Host {upstream_hostport}
}
}
reverse_proxy local-solution-dev:80
}