Forum
cors header error
Hans-Cees
13 November 2017, 21:44
Hi,
I am using hiawatha as a reverse-proxy.
I am trying to add a custom cors header as I think the manpage suggests:
CustomHeaderClient = Access-Control-Allow-Origin: *
But apparently I am doing something wrong? Hiawatha complains:
Starting webserver: Syntax error in hiawatha.conf on line 220.
error!
Config like this:
Should I implement the cors-headers in the backend-server?
I am using hiawatha as a reverse-proxy.
I am trying to add a custom cors header as I think the manpage suggests:
CustomHeaderClient = Access-Control-Allow-Origin: *
But apparently I am doing something wrong? Hiawatha complains:
Starting webserver: Syntax error in hiawatha.conf on line 220.
error!
Config like this:
VirtualHost {
Hostname = www.mieser.com, *.mieser.com
ReverseProxy !^/.well-known/ http://192.168.3.79:8080/
CustomHeaderClient = Access-Control-Allow-Origin: *
RequireTLS = yes
TLScertFile = /etc/letsencrypt/live/www.mieser.com/hiawatha-hc.pem
WebsiteRoot /var/www/hcs
RandomHeader = 250 # anti decryption on https listening
}
Should I implement the cors-headers in the backend-server?
Hugo Leisink
14 November 2017, 08:12
Do you have the latest version of Hiawatha installed?
hanscees
15 November 2017, 22:08
First on CORS headers on the back-end www-server.
when I use hiawatha as reverse proxy with the config above, and I enable CORS on the bach-end nginx this works fine.
I used cors nginx config here: https://enable-cors.org/server_nginx.html
Teh hiawatha reverse-proxy nicely passes these headers on. So thats a good start
Transmission Control Protocol, Src Port: 80, Dst Port: 50028, Seq: 1, Ack: 333, Len: 835
Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
Server: nginx/1.13.6\r\n
Date: Wed, 15 Nov 2017 21:01:24 GMT\r\n
Content-Type: text/html\r\n
Content-Length: 231\r\n
Last-Modified: Wed, 15 Nov 2017 20:37:09 GMT\r\n
ETag: "5a0ca575-e7"\r\n
Access-Control-Allow-Origin: *\r\n
Access-Control-Allow-Methods: GET, POST, OPTIONS\r\n
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range\r\n
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range\r\n
Accept-Ranges: bytes\r\n
when I use hiawatha as reverse proxy with the config above, and I enable CORS on the bach-end nginx this works fine.
I used cors nginx config here: https://enable-cors.org/server_nginx.html
Teh hiawatha reverse-proxy nicely passes these headers on. So thats a good start
Transmission Control Protocol, Src Port: 80, Dst Port: 50028, Seq: 1, Ack: 333, Len: 835
Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
Server: nginx/1.13.6\r\n
Date: Wed, 15 Nov 2017 21:01:24 GMT\r\n
Content-Type: text/html\r\n
Content-Length: 231\r\n
Last-Modified: Wed, 15 Nov 2017 20:37:09 GMT\r\n
ETag: "5a0ca575-e7"\r\n
Access-Control-Allow-Origin: *\r\n
Access-Control-Allow-Methods: GET, POST, OPTIONS\r\n
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range\r\n
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range\r\n
Accept-Ranges: bytes\r\n
hanscees
15 November 2017, 22:11
as on the hiawatha version:
root@waf ~# /usr/sbin/hiawatha -v
Hiawatha v10.0, cache, IPv6, Monitor, reverse proxy, TLS v2.2.0, Tomahawk, URL toolkit, XSLT
Copyright (c) by Hugo Leisink <hugo@leisink.net>
Thats probably old? I was not sure howto update it I am afraid, asince hiawatha was not installed via the standard ubuntu way.
root@waf ~# /usr/sbin/hiawatha -v
Hiawatha v10.0, cache, IPv6, Monitor, reverse proxy, TLS v2.2.0, Tomahawk, URL toolkit, XSLT
Copyright (c) by Hugo Leisink <hugo@leisink.net>
Thats probably old? I was not sure howto update it I am afraid, asince hiawatha was not installed via the standard ubuntu way.
Hugo Leisink
15 November 2017, 22:15
CustomHeaderClient was introduced in v10.5, so in v10.0 it won't work. Create a new Debian / Ubuntu package by executing the script extra/make_debian_package.
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
