Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CORS headers to Nginx sites configurations(s) #394

Closed
dkastl opened this issue Jun 12, 2024 · 4 comments
Closed

Add CORS headers to Nginx sites configurations(s) #394

dkastl opened this issue Jun 12, 2024 · 4 comments
Labels
enhancement New feature or request

Comments

@dkastl
Copy link
Contributor

dkastl commented Jun 12, 2024
edited
Loading

Describe your feature request

I have created a Redmine plugin, that allows users to create and publish FIWARE Context Broker subscriptions, which then can create and update issues based on FIWARE notifications, and FIWARE-Big|Small-Bang was extremely helpful for development. Thanks a lot!

The plugin allows both, to publish subscriptions directly from the browser client, but also through the server. I have cases where publishing through the server is not possible, but when I try to connect to Orion for example directly, connection is not possible due to missing CORS settings in Nginx.

Describe the solution you'd like

It might be also useful for others to have CORS enabled. I only needed this for Orion, and the following settings worked for me:

[snip]

server {
  [snip]
  
  # Add CORS Headers
  add_header 'Access-Control-Allow-Origin' '*' always;
  add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT, PATCH' always;
  add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept, Authorization, X-Requested-With, fiware-service, fiware-servicepath' always;
  add_header 'Access-Control-Expose-Headers' 'location, fiware-correlator' always;

  location / {
    if ($request_method = 'OPTIONS') {
      add_header 'Access-Control-Allow-Origin' '*' always;
      add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT, PATCH' always;
      add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept, Authorization, X-Requested-With, fiware-service, fiware-servicepath' always;
      add_header 'Access-Control-Expose-Headers' 'location, fiware-correlator' always;
      add_header 'Access-Control-Max-Age' 1728000;
      add_header 'Content-Type' 'text/plain charset=UTF-8';
      add_header 'Content-Length' 0;
      return 204;
    }
    
    [snip]
  }
  
  [snip]
}

I'm not sure enabling CORS for other services would be also helpful, probably yes.
In this case there might be a better way than including CORS settings in each and every Nginx template.

Describe why you need this feature

  • To approach a new use case.
  • To integrate a new Generic Enabler / othe open source component.
  • To improve or simplify an scenario.
  • Other reason (describe it)

Additional information

  • I needed location permitted in Access-Control-Expose-Headers, because otherwise this information is dropped from the response
  • I needed to include fiware-service, fiware-servicepath in Access-Control-Allow-Headers to support multi-tenant configurations

I'm not sure other services/use cases need similar additional settings.

Do you have the intention to implement the solution

  • Yes, I have the knowledge to implement this new feature.
  • Yes, but I will need help.
  • No, I do not have the skills.

Other information

  • I have provided a Github Star to this repository.
fisuda added a commit to fisuda/FIWARE-Big-Bang that referenced this issue Jun 13, 2024
@fisuda
Add cross-origin resource sharing for Orion (lets-fiware#394)
fe810ab
@fisuda fisuda added the enhancement New feature or request label Jun 13, 2024
@fisuda
Copy link
Contributor

fisuda commented Jun 13, 2024

Thanks for your proposal.

I added the feature supporting CORS for Orion on my branch fisuda/feature/cors. Please test it and give me your feedback.

How to get the remote branch as shown:

$ git remote add fisuda https://github.com/fisuda/FIWARE-Big-Bang.git

$ git fetch fisuda
remote: Enumerating objects: 33, done.
remote: Counting objects: 100% (27/27), done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 33 (delta 23), reused 27 (delta 23), pack-reused 6
Unpacking objects: 100% (33/33), 7.64 KiB | 711.00 KiB/s, done.
From https://github.com/fisuda/FIWARE-Big-Bang
 * [new branch]      feature/cors    -> fisuda/feature/cors
 * [new branch]      feature/grafana -> fisuda/feature/grafana
 * [new branch]      feature/knowage -> fisuda/feature/knowage
 * [new branch]      main            -> fisuda/main

$ git switch -c feature/cors fisuda/feature/cors
Branch 'feature/cors' set up to track remote branch 'feature/cors' from 'fisuda'.
Switched to a new branch 'feature/cors'

$ grep -1 ORION_CORS config.sh
# Enable cross-origin resource sharing (CORS) Default: false
ORION_CORS=

To enable CORS for Orion, set ORION_CORS= to true in the config.sh file.

Thanks.

@dkastl
Copy link
Contributor Author

dkastl commented Jun 14, 2024

Oh, great! I will try it out in the next days.

I don't have a good overview of FIWARE specific headers, I just know about fiware-service, fiware-servicepath and location so far, because they are used in my plugin.

@dkastl
Copy link
Contributor Author

dkastl commented Jun 20, 2024

I tested the CORS settings and they work perfectly!

fisuda added a commit that referenced this issue Jun 21, 2024
@fisuda
Merge pull request #395 from fisuda/feature/cors
8e9eee6 
Add cross-origin resource sharing for Orion (#394)
@fisuda
Copy link
Contributor

fisuda commented Jun 21, 2024

This feature has been implemented at PR #395 and is included in the latest release, FIWARE Big Bang v0.40.0.

@fisuda fisuda closed this as completed Jun 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dkastl @fisuda