CORS problem
724 views
Skip to first unread message
Matthieu Le Prado
Jul 8, 2017, 6:56:36 PM7/8/17
to EasyRTC
Hi,
I am about deploy my Easyrtc based website into production but I am facing a difficult issue :
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.my-appliaction.com:8000/socket.io/?EIO=3&transport=polling&t=LqaKtG9. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
The main server of my application handles member parameters plus a forum. It is based on nodejs too. It is accessed via : https://my-application.com.
When member connect to the easyrtc server, it is done at the specific address : easyrtc.setSocketUrl(":8000"). So, the port 8000, of the same server is used to address the Easyrtc part.
I am implementing a reverse proxy with HAProxy to terminate SSL and load balance (http mode / layer 7) .
- main_server port 443 --> proxyed to ports 3001 or 3002 (load balance)
- easyrtc_server port 8000 --> proxyed to ports 8001 or 8002 (load balance)
(Both server are deployed on two ports thanks to nodejs cluster.)
All was working with no load balance (same nodejs code with number of workers limited to 1 ), but with the load balance I am having this CORS issue.
If I understand correctly the problem is that access to https://my-application.com:8000 (Easyrtc Server) from the main server https://my-application.com, is not allowed.
I tryed to implement on the Easyrtc server, two common solutions found via google, but it did not work :
socketServer.origins(['*:*'])
or
app.use(function (req, res, next) {
console.log(req.headers)
res.setHeader('Access-Control-Allow-Origin', "*:*')
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE')
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type')
return next()
}
)
Any suggestion will be much appreciated.
Matthieu
I am about deploy my Easyrtc based website into production but I am facing a difficult issue :
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.my-appliaction.com:8000/socket.io/?EIO=3&transport=polling&t=LqaKtG9. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
The main server of my application handles member parameters plus a forum. It is based on nodejs too. It is accessed via : https://my-application.com.
When member connect to the easyrtc server, it is done at the specific address : easyrtc.setSocketUrl(":8000"). So, the port 8000, of the same server is used to address the Easyrtc part.
I am implementing a reverse proxy with HAProxy to terminate SSL and load balance (http mode / layer 7) .
- main_server port 443 --> proxyed to ports 3001 or 3002 (load balance)
- easyrtc_server port 8000 --> proxyed to ports 8001 or 8002 (load balance)
(Both server are deployed on two ports thanks to nodejs cluster.)
All was working with no load balance (same nodejs code with number of workers limited to 1 ), but with the load balance I am having this CORS issue.
If I understand correctly the problem is that access to https://my-application.com:8000 (Easyrtc Server) from the main server https://my-application.com, is not allowed.
I tryed to implement on the Easyrtc server, two common solutions found via google, but it did not work :
socketServer.origins(['*:*'])
or
app.use(function (req, res, next) {
console.log(req.headers)
res.setHeader('Access-Control-Allow-Origin', "*:*')
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE')
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type')
return next()
}
)
Any suggestion will be much appreciated.
Matthieu
Matthieu Le Prado
Jul 10, 2017, 3:04:42 AM7/10/17
to EasyRTC
Hi,
As was suggested in https://groups.google.com/forum/#!topic/easyrtc/LhWDPO8Rk_M :
"An additional option is to host all http content using Apache relegating the easyRTC server to being just a socket server. You would need to also copy the socket.io.js and easyrtc.js clientside javascript files over. This should avoid the need for CORS altogether.
-Rod Apeldoorn (Priologic Software Inc.)"
I am not using Apache but I would be interested by having a example of such socket.io/easyrtc server on the base of the simple server example :
// Load required modules
var http = require("http"); // http server core module
var express = require("express"); // web framework external module
var io = require("socket.io"); // web socket external module
var easyrtc = require("easyrtc"); // EasyRTC external module
// Setup and configure Express http server. Expect a subfolder called "static" to be the web root.
var httpApp = express();
httpApp.use(express.static(__dirname + "/static/"));
// Start Express http server on port 8080
var webServer = http.createServer(httpApp).listen(8080);
// Start Socket.io so it attaches itself to Express server
var socketServer = io.listen(webServer);
// Start EasyRTC server
var easyrtcServer = easyrtc.listen(httpApp, socketServer);
Eric Davies
Jul 10, 2017, 1:58:42 PM7/10/17
to EasyRTC
What you are experiencing is not an easyrtc problem but a websocket problem.
It would probably be more effective to ask in a community that focuses on WebSocket issues how to handle loadsharing.
That said, I believe Rod has said that nginx was a better choice than haproxy when you started combining websockets with loadsharing.
Matthieu Le Prado
Jul 11, 2017, 2:51:20 AM7/11/17
to EasyRTC
Many thanks Eric. I will try with Nginx
Reply all
Reply to author
Forward
0 new messages