1. My Caddy version (caddy -version
):
v2.0.0-beta.14
2. How I run Caddy:
I’m trying to send requests directly from a web browser to an external server that I don’t have control of.
I’m using Caddy as a reverse proxy so I can manipulate CORS headers and allow browser to correctly handle the response.
a. System environment:
Windows 10
b. Command:
.\caddy run
d. My complete Caddyfile:
:5002 {
reverse_proxy /jsonrpc <public_IP>:443 {
header_up Host <public_IP>
header_up -X-Forwarded-For
header_down Access-Control-Allow-Headers "Content-Type"
header_down Access-Control-Allow-Origin "*"
header_down Access-Control-Allow-Methods "GET, POST, OPTIONS"
transport http {
tls
}
}
}
Where <public_ip> is the url of my server.
3. The problem I’m having:
From JavaScript I’m sending a POST
request through a standard fetch()
function.
fetch(url, {
method,
cache: 'no-store',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(request),
})
.then((resp) => {
if (!resp.ok) {
throw Error(resp.statusText);
}
return resp.json();
})
.then((resp) => {
console.log(resp);
})
.catch((error) => {
console.error('Error:', error);
});
Web browser preflights it by a OPTIONS
request and it seems like my backend server does not understand it and sends 400 Bad request
back.
So I think I need a way to imitate a valid response from the server to a OPTIONS
request so the web browser will proceed further. But I don’t know how.
4. Error messages and/or full log output:
Browser console:
Request (from the web browser tools):
Host: localhost:5002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0
Accept: */*
Accept-Language: en-US,en;q=0.7,pl;q=0.3
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://localhost:8080/
Origin: http://localhost:8080
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Response:
HTTP/1.1 400 Bad Request
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 274
Content-Type: text/html
Date: Mon, 17 Feb 2020 11:11:56 GMT
Server: Caddy
Server: Werkzeug/0.9.6 Python/2.7.9
Via: 1.1 <public_ip>
5. What I already tried:
To backup my claims that it is backend server refusing to handle OPTIONS
request I’ve send a POST
request with a Postman and it is working just fine.
While OPTIONS
always returns some kind of 400 Bad request
. For example it says it is expecting only json
type and when I change content type to json
it says the body can not be empty and so on. So it looks like the backend server isn’t configured for OPTIONS
.