Setting up CORS on Sync Gateway

336 views
Skip to first unread message

Todd Freese

unread,
Oct 21, 2015, 12:15:30 PM10/21/15
to Couchbase Mobile
I am having troubles setting up CORs support on my sync gateway. I've swapped out my real domain name with xxx for posting purposes.

On my SG server (https://db.xxx.com), I added the following to my config.json:

"CORS": {

                "origin":["https://webclient.xxx.com"],

                "loginOrigin":["https://webclient.xxx.com"],

                "headers":["DNT","X-CustomHeader","Keep-Alive","User-Agent","X-Requested-With","If-Modified-Since","Cache-Control","Content-Type","Authorization"],

                "maxAge": 1728000

        }



My web server (https://webclient.xxx.com) is Nginx.


I am getting the following error:


XMLHttpRequest cannot load https://db.xxx.com/xxxdb/-9t43hswLaiNa3qymE7MU9U. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://webclient.xxx.com' is therefore not allowed access.


Am I missing something?


Sync Gateway is built from master.


Todd


ajres

unread,
Oct 21, 2015, 12:25:52 PM10/21/15
to Couchbase Mobile
I have not done this myself, but I found an SE Q and A that suggests nginx needs to be configured to pass the 'Access-Control-Allow-Origin' header.


Andy

Todd Freese

unread,
Oct 21, 2015, 12:59:52 PM10/21/15
to Couchbase Mobile
Tried that, still a no go.

Seems like sync gateway needs to be inserting the Access-Control-Allow-Origin header, which I'm not sure is happening...

T

Todd Freese

unread,
Oct 21, 2015, 1:06:09 PM10/21/15
to Couchbase Mobile
I'll add that I see the OPTIONs request in the SG log. Is there a way to see this response? The Chrome debugger shows the request, but not the response.

Todd

Jens Alfke

unread,
Oct 21, 2015, 2:07:16 PM10/21/15
to mobile-c...@googlegroups.com

On Oct 21, 2015, at 10:06 AM, Todd Freese <to...@filmworkers.com> wrote:

I'll add that I see the OPTIONs request in the SG log. Is there a way to see this response? The Chrome debugger shows the request, but not the response.

I don’t think SG has an option to log HTTP responses.

The general way to do this is to interpose a logging proxy or sniffer (HTTPScoop and Charles are two good Mac apps for this.)

—Jens

Todd Freese

unread,
Oct 21, 2015, 2:20:19 PM10/21/15
to Couchbase Mobile
So I got this working.

Turns out I had a typo in my config file. Yes.... a typo.

Sorry for the noise!

Todd

Todd Freese

unread,
Oct 21, 2015, 2:24:00 PM10/21/15
to Couchbase Mobile
I'll add this to the thread for the next person...

I did not have to make any changes to my Nginx config to get CORS to work.

Todd
Reply all
Reply to author
Forward
0 new messages