Skip to content
This repository has been archived by the owner on Apr 21, 2023. It is now read-only.

CORS not working after enabling page speed on Apache #2080

Open
fahadabid opened this issue Sep 8, 2021 · 5 comments
Open

CORS not working after enabling page speed on Apache #2080

fahadabid opened this issue Sep 8, 2021 · 5 comments

Comments

@fahadabid
Copy link

Hi

I have enabled page speed on Apache/2.4.25 (Debian)
Running on
NAME="Debian GNU/Linux"
VERSION_ID="9"
VERSION="9 (stretch)"
ID=debian

And added settings into the page speed are following
ModPagespeedAddResourceHeader "Access-Control-Allow-Origin" "*"
ModPagespeedAddResourceHeader "Access-Control-Allow-Credentials" "true"
ModPagespeedAddResourceHeader "Access-Control-Max-Age" "28800"
ModPagespeedAddResourceHeader "Access-Control-Allow-Methods" "POST, GET, OPTIONS, PUT, DELETE"
ModPagespeedAddResourceHeader "Access-Control-Allow-Headers" "Content-Type, X-Auth-Token, Origin, Authorization"

Still facing CROS issue
@Lofesa
Copy link
Contributor

Lofesa commented Sep 8, 2021

And what is your CROS issue?

@fahadabid
Copy link
Author

I have two subdomains one is app.example.com and the other is api.example.com after enabling the page speed module the app can not any endpoint to API from the browser. If the disabled the module it works. The page speed module config is already shown above.

@Lofesa
Copy link
Contributor

Lofesa commented Sep 9, 2021

And these urls are rewrited by pagespeed?
Have you the content-security-policy header in place?
What error have you in the browser console?

@fahadabid
Copy link
Author

And these urls are rewrited by pagespeed?
No, nothing like, I shared if I have to somethings to make it work.

Have you the content-security-policy header in place?
No

What error have you in the browser console?
Access to XMLHttpRequest at 'http://api.example.com/login' from origin 'http://app.example.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

@Lofesa
Copy link
Contributor

Lofesa commented Sep 10, 2021

Hi
I have found a issue #1794 seems is like yours.
These issue have no responses, so I don´t know if the user has solved this but you may ask to the user @tuananhzippy about it.
In this issue the headers set by ModPagespeedAddResourceHeader are not added.
See the issue #1760 and try changin the ModPagespeedAddResourceHeade directives with the apache config: Header setifempty Access-Control-Allow-Origin <MY_ORIGIN>

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Lofesa @fahadabid