tus/tus-js-client

Missing Access-Control-Allow-Origin

ArkjuniorK opened this issue · 6 comments

Question
Why is the access-control-allow-origin header not included when using tus-js-client with a proxy in front of the tus upload engine?

Setup details
Please provide following details, if applicable to your situation:
When an upload request is created using tus-js-client to our server that stands behind a proxy, we always get the CORS error because access-control-allow-origin does not exist in the response's header. When we test the endpoint with Postman, the header actually exists and it responded with 201 Created. What was the cause of this?

  • Runtime environment: Browser (Reactjs)
  • Used tus-js-client version: tus-js-client@3.1.0
  • Used tus server software: programmatically tusd with gin-gonic

Would you be able to generate a HAR file and share it with us (see https://www.inflectra.com/support/knowledgebase/kb254.aspx)? HAR files contain the network traffic from a website, so we can inspect the sent and received headers more easily. If you don't want to share this file in the public you can also email me at marius@transloadit.com.

Hello @Acconut, thanks for your reply. I just sent you an email about the HAR file.
You can see that the POST request to https://apis-siacc3.underdev.team/video-tutor/upload/videos/ is blocked by CORS while the OPTIONS request succeeds. Just ignore the other requests and the websocket connection.

Your POST requests to https://apis-siacc3.underdev.team/video-tutor/upload/videos/ return a redirection (307) to /video-tutor/upload/videos. This could throw CORS off, I think. Try to use the correct URL for the clients and avoid such a redirect.

The POST request is intended to go to https://apis-siacc3.underdev.team/video-tutor/upload/videos since it was the API Gateway for the upload service that we build. The API Gateway acts as a proxy that forwards the request to the upload service.

Your POST requests to https://apis-siacc3.underdev.team/video-tutor/upload/videos/ return a redirection (307) to /video-tutor/upload/videos. This could throw CORS off, I think. Try to use the correct URL for the clients and avoid such a redirect.

I don't understand your response. Does it help if you use the correct URL?
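
A check for the condition discussed in this thread, as an added example that is not part of the original issue or of tus-js-client: it scans HAR entries for cross-origin responses, redirects included, that lack a matching Access-Control-Allow-Origin header. The function names, the `example.test` hosts and the HAR entries are assumptions constructed for illustration, not the reporter's capture.

```javascript
// Case-insensitive lookup in a HAR-style header list ([{ name, value }, ...]).
function header(headers, name) {
  const h = headers.find((x) => x.name.toLowerCase() === name.toLowerCase());
  return h ? h.value : null;
}

// Returns one finding per cross-origin response that a browser would reject
// for lacking a matching Access-Control-Allow-Origin (ACAO) header.
// Simplification: credentialed requests (where "*" is not accepted) are not modelled.
function findCorsProblems(har, pageOrigin) {
  const findings = [];
  for (const { request, response } of har.log.entries) {
    if (new URL(request.url).origin === pageOrigin) continue; // same-origin
    const acao = header(response.headers, "Access-Control-Allow-Origin");
    if (acao === "*" || acao === pageOrigin) continue; // passes the CORS check
    const isRedirect = response.status >= 300 && response.status < 400;
    findings.push({
      method: request.method,
      url: request.url,
      status: response.status,
      reason: isRedirect
        ? `redirect to ${header(response.headers, "Location")} has no matching ACAO header`
        : "response has no matching ACAO header",
    });
  }
  return findings;
}

// Constructed HAR fragment: preflight succeeds, the trailing-slash POST is
// redirected without CORS headers, the canonical URL answers with them.
const ORIGIN = "https://app.example.test";
const sampleHar = { log: { entries: [
  { request: { method: "OPTIONS", url: "https://api.example.test/upload/videos/" },
    response: { status: 204, headers: [{ name: "access-control-allow-origin", value: ORIGIN }] } },
  { request: { method: "POST", url: "https://api.example.test/upload/videos/" },
    response: { status: 307, headers: [{ name: "Location", value: "/upload/videos" }] } },
  { request: { method: "POST", url: "https://api.example.test/upload/videos" },
    response: { status: 201, headers: [{ name: "Access-Control-Allow-Origin", value: ORIGIN }] } },
] } };

for (const f of findCorsProblems(sampleHar, ORIGIN)) {
  console.log(`${f.method} ${f.url} -> ${f.status}: ${f.reason}`);
}
```

Postman does not enforce CORS, so a request that succeeds there can still be blocked in the browser when any response in the chain fails this check.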