Cloud Run HTTP2 breaks CORS - google-cloud-run

I am running a basic Quarkus application on Google Cloud Run.
The default settings use HTTP 1.1 between Cloud Run and the backend container. If I enable http2 then CORS fails because the Access-Control-Allow-Origin header is mangled and returns the origin and the wildcard together and so is rejected by the browser.
For example when testing my app using the online Swagger UI the response is: access-control-allow-origin: https://petstore.swagger.io,*
Testing my app locally with curl and h2c does not show the problem. Therefore it seems that Google Cloud Run is doing some mangling of this header.
Is there some config I can set to stop this from happening?

I managed to track down the underlying problem in the framework that I was using.
The bug was that the framework was returning duplicate headers. For example:
access-control-allow-origin: *
access-control-allow-origin: https://petstore.swagger.io
There appears to be some weird behaviour in that cloud run had merged these into one header and then had concatenated the values.

Related

Cookies are not set on Vue.js and probably caused by CORS

I am creating an application using Vue.js with Vite for client-side and express.js for the server-side on docker. The server side sends the cookie as a response to Axios request front client, and I can see Set-cookie in the response-header. However, this cookie is not set to the browser. I opened the Application tab and checked the cookie, but nothing was there.
Client URL: http://localhost:3000/
Server URL: http://localhost:15173/
Both of the are running on separate Docker containers.
Environment is
Front: vue3 with vite
Sererside: nodejs with express.js
connection: Using axios
Probably, this is caused by CORS, but I don't know how to deal with that. I'm tring to solve this question fixing proxy, but so far no luck.
if anyone can help me out, that would be great. Thank you!
I tried vite.config proxy setting, but it didn't solve the situation.

incorrect swagger file path for hosted URL in Informatica cloud (mass ingestion)

I am trying to set up mass ingestion in IICS. This will be a streaming ingestion task. The source is REST V2.
 
According to the documentation, I can't provide an absolute path to the Swagger file for this connection. Instead, I need a hosted URL.
I tried hosting the Swagger file on a server that has the Informatica Cloud secure agent installed. When I create a connection everything works.
But when I try to add a connection for mass ingestion I get following error:
What is interesting, I also tried hosting this file on a VM in Azure, and when I try to access this file from a server using an internet browser it works. I can also see requests on the web server, but when I create mass ingestion and define the source I still get an error and I can't see any requests for the Swagger file on the web server.
What is wrong?

How to proxy requests in docker swagger ui

I'm using Swagger UI using its docker version. The Try it out button is not working as expected from the Web UI because there's a problem with cors. I'm running the UI from localhost and doing requests to another domain. I have read this other question How to avoid CORS errors ("Failed to fetch" or "Server not found or an error occurred") when making requests from Swagger Editor? but I cannot do any of the solutions it says.
I'm not sure if it's posible to setup a proxy on the docker container as SwaggerHub does, like, instead of the Try it out request be resolved on the browser, resolve it on the docker container.
Do you know if that is posible?

Unable to get the Response from angular7 services in production environment

I am new to angular and developed an angular application using angular CLI 7.
When I am running the application from my local system, I am getting the response from the service and it is working fine.
But when I deployed the application in the production server, I am unable to get the response from the service. Service is taking too long to respond and getting the HTTPErrorResponse of status Unknown Error.
We are using the Spring microservices for api calls to get the response data.
I am using the proxy.conf.json for the services because the URL running angular app is different from the service.
proxy.conf.json:
{
"/api/*":{
"target":"http://wsd185erd986.test.com/api",
"secure":false,
"loglevel":debug,
"changeOrigin":true
}
}
Changed the package.json to include the proxy.conf.json in proxyConfig.
Include the response headers in the service.
Could any one know on how to configure these proxy settings in production build for angular. Do we need to include any headers in the service calls.
HTTPErrorResponse - A response that represents an error or failure,
either from a non-successful HTTP status, an error while executing the
request, or some other failure which occurred during the parsing of
the response.
So as per the docs this error is thrown in multiple cases either there is an error at server end and server send the error response or there was some issue in parsing.
Please check the Spring Boot API request logs to see what response code is sent back.
You can check the API by a standalone client too (like Postman) and see if there is some issue.
As an aside - you should not be using angular development server in production as it is meant for angular development. Typically you can use any web server ( like Apache, NGinx etc) to host your angular production files ( they are merely static resources) and then either use them as a proxy ( by having their proxy configuration) or have CORS enabled services.

Ionic: A bit Strange CORS issue with the IOS emulator

This is the code.
$http({ method: 'GET', url: imageUrl });
I'm using the Ionic framework. It works fine in web, andorid mobile and android emulator.
But when I use the same in the IOS 9.3 emulator(4.1.1), I get the error XMLHttpRequest cannot load 'imageUrl'. Origin 'XXX' is not allowed by Access-Control-Allow-Origin.
I suppose I can eliminate any possible errors in the backend, as it is working with the other UI frameworks. Also in the backend(Django framework) I've set CORS_ORIGIN_ALLOW_ALL and CORS_ALLOW_CREDENTIALS to True, added the IP address with port to CORS_ORIGIN_WHITELIST and the needed headers(including Access-Control-Allow-Origin) in CORS_ALLOW_HEADERS.
So, Is there anything specific that needs to be done to make this error go away for the IOS emulator / platform ?
When you run:
ionic cordova emulate ios -l -c -s
Which my guess is, is what you're doing, the emulator is started and is binding to your Mac's IP address instead of 'localhost'. This causes your receiving endpoint to see your Mac's IP in the request header of your get request and because this is a different address than the simulator has it will view your request as a Cross Domain Request.
Please try the following guide from the Ionic team:
Handling CORS issues in Ionic
In short:
Set a proxy in your ionic.config.json file:
{
"name": "proxy-example",
"app_id": "",
"proxies": [
{
"path": "/api",
"proxyUrl": "http://cors.api.com/api"
}
]
}
Point your request to localhost with the port that your live reloading server is using. You can set this in your emulate command like this:
ionic cordova emulate ios -l -c -s --port 8080
CORS issue is something that should be handled at the server. If you are using Azure to deploy your Web Api And Azure Database service then,
1. Open Dashboard.
2. Open your Web API app service.
3. Select CORS which is under API header from menu.
4. Make allow origins to *
Reference Image
And also don't forget to allow all IP's[0.0.0.0 to 255.255.255.255] in the firewall setting in your Azure SQL server
Reference Image 2

Resources