How to add CORS to Duct? When adding the cors-middleware as follows:
:duct.router/ataraxy
{:middleware {:cors #ig/ref :app.middleware/cors}
:routes {"/v1" ^{:cors true
:keycloak true}
{["/config/" application-name]
{["/" service-name]
[:app.handler/config]}}}}
:app.middleware/cors {:pattern ".*"}
(ns app.middleware.cors
(:require
[integrant.core :as ig]
[jumblerg.middleware.cors :refer [wrap-cors]]))
(defmethod ig/init-key :app.middleware/cors [_ {:keys [pattern]}]
#(wrap-cors % (re-pattern pattern)))
Or when using the normal ring middleware
(wrap-cors handler
:access-control-allow-origin [allowed-origins]
:access-control-allow-methods [:get])
it works locally, but on server we get:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at ..app.cloud. (Reason: CORS request did not succeed).
FAILURE {:uri https://..app.cloud, :last-method GET, :last-error [0], :last-error-code 6, :debug-message Http response at 400 or 500 level, :status 0, :status-text Request failed., :failure :failed}
Does anyone have example of working setup to prevent CORS in Duct?
Seems to be a Kubernetes Ingess that strips the headers
That fixed it