/ Register

Join the community today
Register Now

Cross-Origin Request Blocked

Discussion in 'Domains, DNS, Email & SSL Certificates' started by hellenic, Apr 8, 2019.

Previous Thread Next Thread
Loading...
  1. Apr 8, 2019 #1
    hellenic

    hellenic New Member

    20
    4
    3
    Mar 4, 2019
    Ratings:
    +5
    Local Time:
    5:36 PM
    1.15.9
    10.1.38
    Hello

    I am using Cloudflare's full certificate for my domain and i have set Let's encrypt on the server. When i try to post something on the shoutbox it doesn't work and i am getting this:


    Code:
    Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://mydomain.com:8443/socket.io/?EIO=3&transport=polling&t=MdufXzJ. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
    How can i fix that?

    Thank you
     
  2. Apr 8, 2019 #2
    eva2000

    eva2000 Administrator Staff Member

    58,904
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    12:36 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
  3. Apr 8, 2019 #3
    pamamolf

    pamamolf Well-Known Member

    4,125
    429
    83
    May 31, 2014
    Ratings:
    +841
    Local Time:
    5:36 PM
    Nginx-1.29.x
    MariaDB 10.6.x
    I did a check for my friend and the script tries to load an app.js from socket.io but is not allowed by the nginx config if i am not wrong and i thought that adding an add header allow cross origin domain or something like that it should work ....

    But didn't work... Maybe i have to disable also an existing header....?
     
  4. Apr 8, 2019 #4
    hellenic

    hellenic New Member

    20
    4
    3
    Mar 4, 2019
    Ratings:
    +5
    Local Time:
    5:36 PM
    1.15.9
    10.1.38
    On static files for js there is a related header but it doesn't work:

     
  5. Apr 8, 2019 #5
    hellenic

    hellenic New Member

    20
    4
    3
    Mar 4, 2019
    Ratings:
    +5
    Local Time:
    5:36 PM
    1.15.9
    10.1.38
    From headers i can see a status code 521 that seems Cloudflare can't communicate back to my server but my server is working.....

    On server i did a simple Centminmod setup and i install Let's encrypt from menu option 4 and then 4 again.

    Nothing else...

    Code:
    Request URL: https://mydomain.com:8443/socket.io/?EIO=3&transport=polling&t=MdywpW8
Request Method: GET
Status Code: 521
    From Chrome console when it tries to load the app.js at the type i can see xhr as type of the file and maybe this one is missing from the Nginx mapping types like fonts and images?
     
    Last edited: Apr 8, 2019
  6. Apr 8, 2019 #6
    eva2000

    eva2000 Administrator Staff Member

    58,904
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    12:36 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    cloudflare only proxies for port 80 and 443 it won't proxy for ports like 8443, so you need to disable orange cloudflare protection for site on mydomain.com:8443 i believe https://support.cloudflare.com/hc/en-us/articles/200169156-Which-ports-will-Cloudflare-work-with-

    edit: ok cloudflare proxy on port 8443

     
  7. Apr 8, 2019 #7
    eva2000

    eva2000 Administrator Staff Member

    58,904
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    12:36 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    but 521 https://support.cloudflare.com/hc/en-us/articles/200171916-Error-521-Web-server-is-down

    See Getting Started Guide step 5 and setting correct real ip via nginx module config at http://centminmod.com/nginx_configure_cloudflare.html.

    If using Centmin Mod 123.09beta01 and newer, there's an added tools/csfcf.sh script to aid in this. Details at:
    but 521 is a separate issue to your original post for CORS
     
  8. Apr 9, 2019 #8
    eva2000

    eva2000 Administrator Staff Member

    58,904
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    12:36 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    one more thing did you whitelist port 8443 in CSF Firewall for TCP_IN/TCP6_IN listings in /etc/csf/csf.conf config ? 8443 isn't a default open port by CSF Firewall https://centminmod.com/csf_firewall.html
     
  9. Apr 9, 2019 #9
    hellenic

    hellenic New Member

    20
    4
    3
    Mar 4, 2019
    Ratings:
    +5
    Local Time:
    5:36 PM
    1.15.9
    10.1.38
    Yes the port is open.
    The index of the script that i am using is located at /home/nginx/domains/mydomain.com/public/public
    When i set it as above the script works perfectly but there is an issue with lets encrypt certificate.
    The lets encrypt certificate it works only when i set the index path as /home/nginx/domains/mydomain.com/public

    I think that's the problem but i have no idea how to fix that.
     
  10. Apr 9, 2019 #10
    eva2000

    eva2000 Administrator Staff Member

    58,904
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    12:36 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    yes that is the default and by design as to how letsencrypt routine for nginx vhosts is configured as it uses web root authentication for letsencrypt domain validation so /home/nginx/domains/mydomain.com/public/.well-known/* is where letsencrypt is looking as nginx vhost's web root is setup as /home/nginx/domains/mydomain.com/public

    if all of your site is behind /home/nginx/domains/mydomain.com/public/public as web root, then just change nginx vhost default root directive from /home/nginx/domains/mydomain.com/public to /home/nginx/domains/mydomain.com/public/public
     
  11. Apr 9, 2019 #11
    hellenic

    hellenic New Member

    20
    4
    3
    Mar 4, 2019
    Ratings:
    +5
    Local Time:
    5:36 PM
    1.15.9
    10.1.38
    When i set it to /public/public and disable Cloudflare i think Let's encrypt should work but i am getting:

    Code:
    This site can’t be reached The webpage at https://mydomain.com/ might be temporarily down or it may have moved permanently to a new web address.
ERR_SPDY_PROTOCOL_ERROR
    But i didn't adjust anything related to SPDY_PROTOCOL
     
  12. Apr 9, 2019 #12
    pamamolf

    pamamolf Well-Known Member

    4,125
    429
    83
    May 31, 2014
    Ratings:
    +841
    Local Time:
    5:36 PM
    Nginx-1.29.x
    MariaDB 10.6.x
    After a few tests the issue seems to be with the Lets encrypt certificate as when we use /public it works even if we pause Cloudflare....

    But if we set the root path to /public/public so the script start working then the Lets encrypt certificate doesn't work....

    Don't know what to do woth that issue ....
     
  13. Apr 9, 2019 #13
    eva2000

    eva2000 Administrator Staff Member

    58,904
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    12:36 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    see my reply at https://community.centminmod.com/threads/cross-origin-request-blocked.17163/#post-72652

    it should work as long as nginx vhost has you have the /usr/local/nginx/conf/staticfiles.conf include in your vhost config which is default as the staticfiles.conf include includes the letsencrypt web root validation context
    Code (Text):
        # prepare for letsencrypt
    # https://community.centminmod.com/posts/17774/
    location ~ /.well-known { location ~ /.well-known/acme-challenge/(.*) { more_set_headers    "Content-Type: text/plain"; } }

    that is relative to your defined nginx vhost root path so if it's default root directive from /home/nginx/domains/mydomain.com/public then would be for /home/nginx/domains/mydomain.com/public/.well-known/* access

    and root set to default to /home/nginx/domains/mydomain.com/public/public then it would be for /home/nginx/domains/mydomain.com/public/public/.well-known/* access

    but this all depends on your app on port 8443 being able to route /home/nginx/domains/mydomain.com/public/public/.well-known/ requests
     
    Last edited: Apr 9, 2019
  14. Apr 10, 2019 #14
    pamamolf

    pamamolf Well-Known Member

    4,125
    429
    83
    May 31, 2014
    Ratings:
    +841
    Local Time:
    5:36 PM
    Nginx-1.29.x
    MariaDB 10.6.x
    Ok we fix that issue with the certificate and now we can see net error connection refused something for socket.io....

    We are checking on this but port (8443) is open .....

    Anyway we will try different things and if we have something more specific we will post again :)

    Thank you
     
  15. Apr 10, 2019 #15
    pamamolf

    pamamolf Well-Known Member

    4,125
    429
    83
    May 31, 2014
    Ratings:
    +841
    Local Time:
    5:36 PM
    Nginx-1.29.x
    MariaDB 10.6.x
    Problem solved !

    For a reason Laravel was not able to write at public folder and the config never saved there so we add it manually and now all works great :)

    Thanks for your help and sorry for the trouble as the issues was not related to Centminmod ...
     
  16. Apr 10, 2019 #16
    hellenic

    hellenic New Member

    20
    4
    3
    Mar 4, 2019
    Ratings:
    +5
    Local Time:
    5:36 PM
    1.15.9
    10.1.38
    Thank you very much both of you for your help!
     
  17. Apr 10, 2019 #17
    eva2000

    eva2000 Administrator Staff Member

    58,904
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    12:36 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    Ah permissions issues !
     
Previous Thread Next Thread
Loading...

.