CORS errors using NGINX Reverse Proxy

[Marc Casals]

Hi,

I'm currently trying to make a demo with a public domain and to do this I must use an Nginx located in a different server where I have DSpace.

Frontend loads fine and backend works too, but I unable to make the frontend work with the backend (CORS Error).

I've tried all combinations possible but nothing works. Here I attach the actual configuration, I don't see what I'm doing wrong!

NGINX

upstream node_upstream {
    server 192.168.10.43:4000;
    keepalive 64;
}

server {
    listen 80;

    server_name demo.example.com;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_pass http://node_upstream/;
        proxy_redirect off;
        proxy_read_timeout 240s;
    }
}

upstream back_upstream {
    server 192.168.10.43:8080;
    keepalive 64;
}

server {
    listen 80;

    server_name demo-api.example.com;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_pass http://back_upstream/;
        proxy_redirect off;
        proxy_read_timeout 240s;
    }
}

dspace local.cfg 

dspace.server.url = http://demo-api.example.com/server

dspace.ui.url = http://demo.example.com

rest.cors.allowed-origins = ${dspace.ui.url},http://demo.example.com,http://192.168.10.43:4000,http://192.168.10.10

(192.168.10.10 is the server with Nginx)

config.yml (frontend)

ui:
  ssl: false
  host: 192.168.10.43
  port: 4000
  nameSpace: /
rest:
  ssl: false
  host: demo-api.example.com
  port: 80
  nameSpace: /server

[Edmund Balnaves]

As with apache as a reverse proxy, you will probably find that you need to set the X-Forwarded_Proto to preserve the inbound https in the responses.  In our apache reverse proxy we use RequestHeader set X-Forwarded-Proto https

I believe the following will help with nginx

proxy_set_header X-Forwarded-Proto https;

Edmund

[Marc Casals]

Right now I'm using http, haven't tried https yet. So I don't think it will be the case.

Thanks for commenting

El dia dijous, 17 de novembre de 2022 a les 12:38:38 UTC+1, edmund....@gmail.com va escriure:

[Edmund Balnaves]

You will need to implement https unless you are running in a local network

[Mohammad S. AlMutairi]

Maybe this post would help you achieving what you have in mind. Check the first part of it out https://groups.google.com/g/dspace-tech/c/UwMvhb6QWnk/m/02Ot51vwAQAJ

[Mohammad S. AlMutairi]

On Friday, November 18, 2022 at 10:57:03 PM UTC+3 edmund....@gmail.com wrote:

You will need to implement https unless you are running in a local network

You can try this setup and will see it is working despite Tim's posts on it. Try it http. https://groups.google.com/g/dspace-tech/c/UwMvhb6QWnk/m/02Ot51vwAQAJ