Contributions
Re: Swagger behind Nginx Proxy and CORS error
ponelatI think it works. I have the same response when execute curl command from shell. Could you tell me is there any possibility to configure docs.swagger.example.com some way to not provide any configuration on any servers like t1.example.com,t2.example.com and so on.676Views0likes0CommentsRe: Swagger behind Nginx Proxy and CORS error
Thank you ponelat. 🙂 I am going to ask backend devs what does mean this error. I hope I reached the end. I will let you know. PS Is it possible to do some kind of reset origin header? On one testing server I have an error from cors has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'https://swagger.example.com, https://swagger.example.com', but only one is allowed. but in config I have currently only one occurence of this header. Is it possible that origin header is remembered due to this: add_header 'Access-Control-Max-Age' 17286000;670Views0likes0CommentsRe: Swagger behind Nginx Proxy and CORS error
ponelatThank you for an answer. I add whole config fromhttps://enable-cors.org/server_nginx.htmlto the nginx config of the t1.example.com: add_header 'Access-Control-Allow-Origin' '*'; location / { if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; # # Custom headers and headers various browsers *should* be OK with but aren't # add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'; # # Tell client that this pre-flight info is valid for 20 days # add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain; charset=utf-8'; add_header 'Content-Length' 0; return 204; } if ($request_method = 'POST') { add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; } if ($request_method = 'GET') { add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; } } and now Chrome returns something like this: and Firefox:3.6KViews0likes3CommentsRe: Swagger behind Nginx Proxy and CORS error
ponelatIn my case it looks like this: It's from Chrome. From firefox error from console is more accurate: If you have any hints - appreciate! I am still trying resolve it. PS I also tried to copy paste config from this sitehttps://enable-cors.org/server_nginx.htmlto swagger.example.com nginx config. Still nothing. Maybe something with proxy headers etc?3.6KViews0likes5CommentsRe: Swagger behind Nginx Proxy and CORS error
Yes, I know CORS is a browser thing. Yes I am referring to "Try it out" feature of the Swagger UI. Currently I have few APIs on few servers. Each looks like t{1,2,3,4}.example.com/swagger. Inside vhost file config looks like location /swagger { root /home/deployuser; } where inside /home/deployuser is "swagger" directory deployed plain old html/css/js method described in the docs. Of course it works. But now I my goal is different approach. I have an application based on "Sinatra" which includes Swagger UI (the same files like from "plain on deployment method"). This app is available under, lets say, docs.swagger.example.com. When I open docs.swagger.example.com and put credentials to authenticate Swagger UI opens. Then I can choose to which API (t{1,2,3,4}.example.com/api) I would like to send request. Here the problem with CORS appears. Nginx config of the docs.swagger.example.com:https://pastebin.com/0mpf7ve7. I tried to add the line --> add_header Access-Control-Allow-Origin "https://docs.swagger.example.com"; to the nginx config files of the t{1,2,3,4}.example.com APIs. It does not help. 😕 I stucked. Is it possible to resolve it on the server docs.swagger.example.com side like docs https://swagger.io/docs/open-source-tools/swagger-ui/usage/cors/says in the point 2 - quote "The application is located behind a proxy that enables the required CORS headers."? ponelatGenerally speaking which headers should I add to nginx config of the docs.swagger.example.com to resolve the cors issue? PS I tried many different configs found on the Internet but ..., among others below config which looks the best for me: add_header Access-Control-Allow-Origin "*"; if ($http_origin ~* "^https://(t1.example.com|www.t1.example.com|t2.example.com|www.t2.example.com|and-so-on)$") { add_header Access-Control-Allow-Origin "$http_origin"; }3.7KViews0likes8CommentsSwagger behind Nginx Proxy and CORS error
Hi all! I have a problem. I would like to not get an CORS error after pasting in swagger available under swagger.example.com the link to the file available under testing.example.com/plik.yaml. The vhost file: https://pastebin.com/KXTv7CBm I am using. The commented out location block was my second attempt. After that I already started combining with different configurations from the net, but with no effect. PS I wonder if it is possible to make proxy + cors configured on swagger.example.com in such a way, that I do not have to add: add_header Access-Control-Allow-Origin "https://swagger.example.com"; on every server which will use swagger available under swagger.example.com. Do any of you guys have any ideas?4.6KViews0likes11Comments