Hello everyone,
I have this middle ware configured to handle cors header for multiple origins (mostly microservices hosted under subdomains).
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: admin-fe-cors
namespace: staging
spec:
headers:
accessControlAllowMethods:
- "GET"
- "POST"
- "OPTIONS"
- "DELETE"
- "PATCH"
- "PUT"
accessControlAllowOriginListRegex:
- "https://(.*?)XXXXX.net"
- "https://(.*?)XXXXX.com"
accessControlMaxAge: 100
addVaryHeader: true
Im running Traefik v2.5.3 and I have not Idea if that config works or not or what headers Im supposed to look for or how to test it?
Thanks
You need to test your configuration by sending the request with the Origin header set. The easiest way is to use curl with the following extra arguments added:
curl -i -H 'Origin: https://your-origin-address.org' https://example.org
in the response, you should see the header Access-Control-Allow-Origin
and the origin domain you set in your request.
If you find the better approach to validate CORS feel free to let us know
Thank you,
Jakub
1 Like
The CORS filter allows you to control which cross-origin requests Firefox allows.
It is enabled by default.
It may cause problems with your site, because there are some cases where sites need to be able to issue cross-origin requests that won't be allowed by default.
If you have a CORS issue, please add a CORS policy.
Please note that CORS is not the same as Same-origin policy (SOP). SOP is also enabled by default.
You may also need to disable SOP temporarily while debugging your site.
For more information about CORS and SOP, please see the documentation on the Mozilla website .