Cross Origin Policy with NGINX and ERRBIT

28 views
Skip to first unread message

Chris West

unread,
Jul 18, 2016, 12:14:28 PM7/18/16
to Errbit
Hi,
I started the Errbit in an subdomain with unicorn and NGINX.
If I try to use the notifier.js it tries to open an iframe with the following errir:

Refused to display 'https://error.xxxxxxxxxxxxxx.com/notifier_api/v2/notices.xml?data=%3C%3Fxml%20ve…nvironment-name%3E%20%20%20%20%3C/server-environment%3E%20%20%3C/notice%3E' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.

This is my errbit config:

server {
        #Basic Listener Stuff
        listen *:443 ssl;
        #certificate
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_certificate /home/errbit/ssl/certificate.crt;
        ssl_certificate_key /home/errbit/ssl/certificate.key;
        #index related stuff
        root   /home/errbit/sites/error.xx.com/public;
        server_name error.xx.com;
        error_log /home/errbit/logs/error.log;
        access_log /home/errbit/logs/access.log combined;
        add_header 'Access-Control-Allow-Origin' *.xx.com;
    location / {
        proxy_set_header        X-Forwarded-Host $host;
        proxy_set_header        X-Forwarded-Server $host;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass              http://localhost:8080/;
        client_max_body_size    10M;
        add_header 'Access-Control-Allow-Origin' *.xx.com;
    }
}

server{
        listen *:80;
        server_name error.xx.com;
        return 301 https://$host$request_uri;
}

Where am I mistaken.
What am I missing?

In the Application, where I'm using the javascript catcher, I got the same origin policy rule set.
Please help

Stephen Crosby

unread,
Jul 22, 2016, 9:48:39 PM7/22/16
to err...@googlegroups.com
Hey Chris,

Did you set up Javascript notifications this way using the xhr reporter? https://github.com/errbit/errbit#javascript-error-notifications

I haven't used the iframe reporter before.

--
You received this message because you are subscribed to the Google Groups "Errbit" group.
To unsubscribe from this group and stop receiving emails from it, send an email to errbit+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
Forward
0 new messages