Paul R Kartchner
35a3088c30
Some checks failed
CI Pipeline / Lint Code (push) Has been cancelled
CI Pipeline / Test API Package (push) Has been cancelled
CI Pipeline / Test Web Package (push) Has been cancelled
CI Pipeline / Test Shared Package (push) Has been cancelled
Docker Build & Deploy / Build Docker Images (push) Has been cancelled
E2E Tests / End-to-End Tests (push) Has been cancelled
E2E Tests / E2E Tests (Mobile) (push) Has been cancelled
Security Scanning / NPM Audit (push) Has been cancelled
Security Scanning / Dependency License Check (push) Has been cancelled
Security Scanning / Code Quality Scan (push) Has been cancelled
Security Scanning / Docker Image Security (push) Has been cancelled
CI Pipeline / Build All Packages (push) Has been cancelled
CI Pipeline / Generate Coverage Report (push) Has been cancelled
Docker Build & Deploy / Push Docker Images (push) Has been cancelled
Docker Build & Deploy / Deploy to Staging (push) Has been cancelled
Docker Build & Deploy / Deploy to Production (push) Has been cancelled
Security Scanning / Security Summary (push) Has been cancelled
Added comprehensive CORS headers to the nginx proxy configuration to fix network errors when the frontend tries to fetch from the API. Changes: - Added Access-Control-Allow-Origin header with dynamic origin - Added Access-Control-Allow-Methods for all needed HTTP methods - Added Access-Control-Allow-Headers for Content-Type and Authorization - Added Access-Control-Allow-Credentials for cookie support - Added X-Forwarded-Proto header to pass HTTPS scheme to backend - Implemented preflight OPTIONS request handling This resolves "NetworkError when attempting to fetch resource" errors in the browser by ensuring proper CORS handling at the nginx level. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
57 lines
2.1 KiB
Nginx Configuration File
57 lines
2.1 KiB
Nginx Configuration File
server {
|
|
listen 80;
|
|
server_name localhost;
|
|
root /usr/share/nginx/html;
|
|
index index.html;
|
|
|
|
# Serve static files
|
|
location / {
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
|
|
# Proxy API requests to backend
|
|
location /api/ {
|
|
proxy_pass http://basil-api:3001;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection 'upgrade';
|
|
proxy_set_header Host $host;
|
|
proxy_cache_bypass $http_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header Origin $http_origin;
|
|
client_max_body_size 20M;
|
|
|
|
# Pass through CORS headers from API
|
|
proxy_hide_header Access-Control-Allow-Origin;
|
|
proxy_hide_header Access-Control-Allow-Methods;
|
|
proxy_hide_header Access-Control-Allow-Headers;
|
|
proxy_hide_header Access-Control-Allow-Credentials;
|
|
add_header Access-Control-Allow-Origin $http_origin always;
|
|
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
|
|
add_header Access-Control-Allow-Headers "Content-Type, Authorization" always;
|
|
add_header Access-Control-Allow-Credentials "true" always;
|
|
|
|
# Handle preflight OPTIONS requests
|
|
if ($request_method = 'OPTIONS') {
|
|
add_header Access-Control-Allow-Origin $http_origin always;
|
|
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
|
|
add_header Access-Control-Allow-Headers "Content-Type, Authorization" always;
|
|
add_header Access-Control-Allow-Credentials "true" always;
|
|
add_header Content-Length 0;
|
|
add_header Content-Type text/plain;
|
|
return 204;
|
|
}
|
|
}
|
|
|
|
# Proxy uploads requests to backend
|
|
location /uploads/ {
|
|
proxy_pass http://basil-api:3001;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
}
|