-
Notifications
You must be signed in to change notification settings - Fork 486
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Example haproxy config #1156
Comments
Here's what I have. This does manage to upload, but it was a bit of a struggle and I had to add various CORS headers which I don't think I should need to:
And this is what I was running:
|
It appears odd to me that you disable the CORS headers from tusd and then set them manually in HAProxy. Is there a specific reason why you do this? Normally the CORS handling from tusd is sufficient to get tus uploads working. What errors were you running into? |
@Acconut I found that tusd wasn't sending any of the CORS headers, no matter which option I chose. So I turned that off and bodged it inside haproxy. I think this may have been because there was no I'm not sure whether that's deliberate/correct - I'm not sure when |
The Origin header should be present in an CORS-related request (preflight requests and main request): https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS Unless some other intermediary is removing this header, it should be there. Did you inspect the incoming requests and saw that the header was missing? |
Yes, it was missing. This sounds like it's specific to my environment. But would there be any harm in returning the CORS headers anyway? |
A CORS request must include the Origin header or otherwise it's not a valid CORS request as far as I know. Without the Origin header, the server can also not validate whether it should allow the cross-origin request or not. What error message did you get from the browser? What do the request/response look like that were sent/received? |
I agree a CORS request should include those. My point is: would it do any harm to include the CORS headers on a response whether or not the I can't see that it would. I think I've set up lots of configs in the past (e.g. in nginx) where that would occur. If it would do no harm, then always adding them would also solve this. I'll try to repro this later, but the browser was logging console errors about CORS once it tried to PATCH the uploaded file. |
Ok, some more experimentation. As you were too polite to say, CORS is probably a red herring or a consequence of some other config I had in there while experimenting. Here's an haproxy config that works.
I think the key option is The docs allude to needing to configure haproxy in this kind of way, but I think it would be super helpful to have a sample config that you know works, as you have for nginx. Given that you are using haproxy in production, you probably have a config that you are happy with, and it might easily include some more/better configuration that I've not figured out yet. Could you add that to the docs? |
I am glad to read that you figured it out and I also agree that having a working HAProxy config as an example would be helpful for users. Unfortunately, our HAProxy configuration is a lot more involved, so I cannot easily share it. However, I can tell that we do not use Besides that, our configuration includes logic to set the |
Maybe. Feel free to close this one, but I'll just also mention (for anyone else who finds it in future) that I hit problems because Sentry adds some headers to the request. So I had to reinstate this into my haproxy config (the last two headers are the ones it adds):
|
You can also configure tusd's CORS setup to allow/expose additional headers: https://tus.github.io/tusd/getting-started/configuration/#cross-origin-resource-sharing-cors Might be helpful for you :) |
Question
@Acconut You mentioned that you're using haproxy in live deployments. I'm having trouble getting that working. Would you be able to share your haproxy config?
The text was updated successfully, but these errors were encountered: