Project

General

Profile

Actions

Bug #6918

closed

[Documentation] keepproxy CORS headers get doubled, don't work

Added by Brett Smith over 9 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Documentation
Target version:
Story points:
0.5

Description

Our current install guide for keepproxy suggests that you use a few add_header lines to add CORS headers to error responses. However, with the current keepproxy code, this causes the headers to get doubled. If you deploy according to our instructions, Firefox misinterprets the instructions and refuses to make requests that are supposed to be allowed. I'm guessing this is because '*, *' is not a meaningful Origin.

I note we're not setting these headers in our own production clusters.

Make this part of the documentation functional. If there's a way to make sure nginx only adds headers when they don't already exist, or only adds them to internal error responses, documenting that is good. Otherwise, removing the suggestion from the documentation seems like a reasonable solution to me too, but engineering can overrule me on that.


Subtasks 2 (0 open2 closed)

Task #7040: Review 6918-remove-nginx-cors-headersResolvedPeter Amstutz08/06/2015Actions
Task #7039: Fix docsResolvedPeter Amstutz08/06/2015Actions
Actions

Also available in: Atom PDF