Plik seems to fail setting the correct headers
artemislena opened this issue · comments
fc17: Our instance (https://plik.artemislena.eu) keeps throwing CORS errors (and not working), due to missing headers, perhaps… and enabling EnhancedWebSecurity doesn't seem to do anything header-wise, i.e. none of the described ones are set, according to curl
…
Hello,
I've not played with EnhancedWebSecurity since quite a while I'll give it a
freag go. We should try to makes things work without it at first.
I don't get why you would get CORS issues at all unless the Plik server API
is on a different domain than the UI, is that your case ?
…On Thu, 19 May 2022, 17:57 Artemis, ***@***.***> wrote:
fc17: Our instance (https://plik.artemislena.eu) keeps throwing CORS
errors (and not working), due to missing headers, perhaps… and enabling
EnhancedWebSecurity doesn't seem to do anything header-wise, i.e. none of
the described ones are set, according to curl…
—
Reply to this email directly, view it on GitHub
<#445>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABQ5XPRA7BOG467XJKGY3VDVKZQE5ANCNFSM5WMWIB7Q>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
Oh… it's behind a reverse proxy… does the Host header matter, or something like that?
To me as long as the static content is served on the same domain than the
API there should be no cross domain request occurring hence no CORS issue.
I'll take a look at your instance.
…On Thu, 19 May 2022, 18:30 Artemis, ***@***.***> wrote:
Oh… it's behind a reverse proxy… does the Host header matter, or something
like that?
—
Reply to this email directly, view it on GitHub
<#445 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABQ5XPU2AST5FHJRXZU6GUDVKZUAVANCNFSM5WMWIB7Q>
.
You are receiving this because you commented.Message ID:
***@***.***>
It definitely has to do something with the reverse proxy… it works if accessing it directly; through the LAN address…