Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

CORS for Surfer

Scheduled Pinned Locked Moved Solved Surfer
8 Posts 4 Posters 343 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T Offline
    T Offline
    thetomester13 App Dev
    wrote on last edited by
    #1

    Hello!

    I've recently discovered the beauty that is Surfer and am already using it for multiple different purposes.

    I've just come across a use case where I need CORS from my Surfer instance. I know the basics of CORS but don't know too much about the in-depth details of it to know what I'm specifically looking for (in the way of implementation). I am able to access my file just fine through a new tab for example, but when I need a separate web service to access these files, I get the following errors in the console. Thoughts? Has anyone come across this before? Wondering if I could even leverage the Security settings somehow to enable this?

    9c44d403-4d21-4fad-bc99-0834bc22fb5a-image.png

    girishG 1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #0

    This is added to the just released version. Please let me know if it does not work for your use-case.

    T 1 Reply Last reply
    3
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to thetomester13 on last edited by
    #2

    @thetomester13 I will let @nebulon decide if there are any security issue to allow this (or not). But of course a workaround is simply to proxy the surfer API calls via your backend. These days some privacy extensions also block some api calls to 3rd party sites (which are not a subdomain of the site you browse).

    1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #3

    Given that the API would be accessed via a token, I don't see much risk here to enable CORS. I will do so in the next surfer release then.

    mehdiM 1 Reply Last reply
    1
  • mehdiM Offline
    mehdiM Offline
    mehdi App Dev
    replied to nebulon on last edited by
    #4

    @nebulon You could enable CORS only for the served files, not for the API.

    1 Reply Last reply
    2
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #5

    This is added to the just released version. Please let me know if it does not work for your use-case.

    T 1 Reply Last reply
    3
  • T Offline
    T Offline
    thetomester13 App Dev
    replied to nebulon on last edited by
    #6

    @nebulon amazing!

    However, not sure this solved my particular use case 😕
    This is what I'm seeing now in the Networking tab:
    Screen Shot 2020-11-23 at 7.21.19 PM.png
    Viewing the file I'm trying to access directly works without a problem, and obviously something changed since the errors are different.

    That being said, I'm about to try and tackle this problem through another way, so I'm not too worried about this specific use case. If you are curious, I'm happy to help debug on my end though.

    mehdiM 1 Reply Last reply
    0
  • mehdiM Offline
    mehdiM Offline
    mehdi App Dev
    replied to thetomester13 on last edited by
    #7

    @thetomester13 Are you absolutely sure of the URL you are trying to load? The OPTION request gives a 404 (and the other error seems to be Firefox not liking a cross-domain 404 or something).

    T 1 Reply Last reply
    0
  • T Offline
    T Offline
    thetomester13 App Dev
    replied to mehdi on last edited by
    #8

    @mehdi @nebulon it was the right URL, but that doesn't mean I'm not an idiot 🙂 I forgot to actually update the app to the latest version with CORS compatibility 😅

    After an update, all is working as expected! Appreciate the help and quick turn around!

    [can mark as resolved]

    1 Reply Last reply
    2

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.