Haproxy CORS No 'Access-Control-Allow-Origin' header is present on the requested resource

Question

I want to configure haproxy to handle CORS by returning the following in response to being called:

*
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
3628800
GET, DELETE, OPTIONS, POST, PUT

However, instead I get "No 'Access-Control-Allow-Origin' header is present on the requested resource". Note I'm using haproxy 1.7.9 and can't compile with lua.

I've reviewed https://www.haproxy.com/blog/enabling-cors-in-haproxy/ but can't recompile with lua.

Also HAProxy CORS OPTIONS header intercept setup

global
  log 127.0.0.1   local0
  log-send-hostname

  chroot /etc/haproxy
  pidfile /var/run/haproxy.pid
  maxconn 40000
  user haproxy
  group haproxy

  daemon
  nbproc 2
  tune.ssl.cachesize 100000
  tune.ssl.default-dh-param 2048

defaults
  log     global
  log-format  %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %U\ %CC\ \ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hrl\ %hs\ %{+Q}r
  mode    http
  retries 3
  timeout check 60s
  timeout client 1m
  timeout client-fin 10s
  timeout connect 10s
  timeout http-keep-alive 60s
  timeout http-request 60s
  timeout queue 1m
  timeout server 1m
  timeout server-fin 10s
  option dontlognull
  option forceclose
  option forwardfor
  option http-server-close
  balance  roundrobin

# Set up application listeners here.
resolvers dns
  nameserver            dns1 XXXXXXXXXXXXXXXXXXXXXXXXXX
  resolve_retries       3
  timeout retry         1s
  hold valid            10s

frontend http_frontend
  mode http
  bind XXXXXXXXXXXXXXXXXXX:80 accept-proxy

  capture request header Authorization len 64
  .
  .
  default_backend dead_end

frontend https_frontend
  mode http
  bind XXXXXXXXXXXXXXXX:443 accept-proxy ssl crt /etc/haproxy/crt/ ssl verify optional ca-file /etc/haproxy/ca-file/ca-haproxy-stage.crt ciphers ECDHE-RSA-AES256-SHA:!RC4-SHA:!RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM no-sslv3

  capture request header Host len 64
  capture request header Authorization len 128
  .
  .
  capture request header Content-Length len 64
  capture request header Content-Type len 64


# BEGIN CORS

  capture request header origin len 128

  http-response add-header Access-Control-Allow-Origin %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found }
  rspadd Access-Control-Allow-Headers:\ Origin,\ X-Requested-With,\ Content-Type,\ Accept,\ Authorization,\ JSNLog-RequestId,\ activityId,\ applicationId,\ applicationUserId,\ channelId,\ senderId,\ sessionId  if { capture.req.hdr(0) -m found }
  rspadd Access-Control-Max-Age:\ 3628800 if { capture.req.hdr(0) -m found } 
  rspadd Access-Control-Allow-Credentials:\ true  if { capture.req.hdr(0) -m found }
  rspadd Access-Control-Allow-Methods:\ GET,\ DELETE,\ OPTIONS,\ POST,\ PUT  if { capture.req.hdr(0) -m found }

 # END CORS

  use_backend bkservice


backend bkservice
  mode http

  option tcp-check
  option log-health-checks
  tcp-check connect port 80
  tcp-check send GET\ /hap_health HTTP/1.0

  tcp-check send 

  tcp-check expect rstring HTTP/1.0\ 200\ OK
  server BK_SERVICE myservice.stage.com:443 ssl verify none sni str(myservice.stage.com) check resolvers dns

backend dead_end
  mode http
  server de 127.0.0.1:9001

Access to XMLHttpRequest at 'https://myservice.stage.com/endpoint' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Haproxy CORS No 'Access-Control-Allow-Origin' header is present on the requested resource

Answers (1)

Related Questions

Haproxy CORS No &#39;Access-Control-Allow-Origin&#39; header is present on the requested resource

Answers (1)

Related Questions

Haproxy CORS No 'Access-Control-Allow-Origin' header is present on the requested resource