2

I've got a nodejs-express server running behind a Caddy 2 server as a reverse-proxy.

Caddy is running on a docker with the following configuration in docker-compose

  caddy:
    image: caddy
    restart: always
    ports:
      - "443:443"
      - "80:80"
    networks:
      - main-network
    volumes:
      - "./Caddyfile:/etc/caddy/Caddyfile"

With the following Caddyfile:

my-nice-site.com {
  reverse_proxy /* server:4030
}

The setup is working nicely when serving a webpage and the API, however, I'm getting into CORS problems the moment I try to access using a javascript with a different ORIGIN.

I have set up CORS in the express server using express cors middleware and it works ok when using on its own, but I keep getting that when running it behind Caddy, so I guess there is some configuration I need to make in my Caddyfile to allow cors but I couldn't find anything that worked for my setup.

MEMark
  • 1,493
  • 2
  • 22
  • 32
angrykoala
  • 3,774
  • 6
  • 30
  • 55

1 Answers1

3

I managed to solve my problem:
The headers were correctly set up by express, and I was getting them when making requests with curl or Postman without changing anything in Caddy.

The problem ended up being that I was making requests to http, Caddy was redirecting these to https, which is no problem for GET requests sent from Postman, but Preflight-requests (OPTIONS) do not support redirects, and because Caddy was making the redirection, it was not reaching express (and CORS setup), throwing the error.

Finally, the solution was simply making my requests to https://my-nice-server.com

angrykoala
  • 3,774
  • 6
  • 30
  • 55