Web Service CORS Configuration
Your cue-web application is now running on the nginx default port, 81. In order to run correctly, it needs to be able to send requests to the Escenic Content Engine's web service. This web service may be running on a different host in a different domain. Even if it is running on the same host as nginx, it will most likely be listening on port 8080 (Tomcat's default port). This means that, by default, the browser's same-origin policy will reject any requests from the cue-web application to the Content Engine web service as cross-origin requests.
You can, however, enable cross-origin communication between the cue-web application and the Content Engine web service by setting up an nginx proxy for the web service that forwards requests to the actual web service and also adds the CORS headers needed to ensure that the requests will not be rejected.
Here is an example of a /etc/nginx/default-site/webservice.conf file that sets up a proxy that will work if CUE is installed on the same host as the Content Engine web service:
location ~ "/(webservice|webservice-extensions)/(.*)" {
    # Origin filter: only origins matching this pattern get CORS headers
    if ($http_origin ~* (http://localhost(:[0-9]+)?)$) {
        set $cors "true";
    }

    # Append a method class to $cors: options, get or post
    if ($request_method = 'OPTIONS') {
        set $cors "${cors}options";
    }
    if ($request_method = 'GET') {
        set $cors "${cors}get";
    }
    if ($request_method = 'HEAD') {
        set $cors "${cors}get";
    }
    if ($request_method = 'POST') {
        set $cors "${cors}post";
    }
    if ($request_method = 'PUT') {
        set $cors "${cors}post";
    }
    if ($request_method = 'DELETE') {
        set $cors "${cors}post";
    }

    if ($cors = "trueget") {
        add_header "Access-Control-Allow-Origin" "$http_origin";
        add_header "Access-Control-Allow-Credentials" "true";
        add_header "Access-Control-Expose-Headers" "Link,X-ECE-Active-Connections,Location,ETag,Allow";
    }
    if ($cors = "truepost") {
        add_header "Access-Control-Allow-Origin" "$http_origin";
        add_header "Access-Control-Allow-Credentials" "true";
        add_header "Access-Control-Expose-Headers" "Link,X-ECE-Active-Connections,Location,ETag,Allow";
    }

    # Preflight requests are answered by nginx and never reach the web service
    if ($cors = "trueoptions") {
        add_header 'Access-Control-Allow-Origin' "$http_origin";
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, HEAD, OPTIONS, PUT, DELETE';
        add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,If-Match,If-None-Match,X-Escenic-Locks,X-Escenic-media-filename';
        add_header 'Content-Length' 0;
        add_header 'Content-Type' 'text/plain; charset=UTF-8';
        return 204;
    }

    proxy_set_header Host $http_host;
    proxy_pass http://127.0.0.1:8080;
}
If you have installed CUE on a different machine from the Content Engine web service (potentially in a different domain), then you will need to modify the above example as follows:
- Replace the origin filter at the top of the file:
  if ($http_origin ~* (http://localhost(:[0-9]+)?)$) { set $cors "true"; }
  with a filter for the domain in which the cue-web application is running. For example:
  if ($http_origin ~* (https?://[^/]*\.dev\.my-cue-domain\.com(:[0-9]+)?)$) { set $cors "true"; }
- Replace the target IP address at the bottom of the file:
  proxy_pass http://127.0.0.1:8080;
  with the IP address or domain name of the Content Engine web service, for example:
  proxy_pass http://my-webservice-domain.com:8080;
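The origin filter decides which sites may make credentialed requests to the web service, so a modified filter is worth checking against sample Origin values before it is deployed. The following Python model of the $cors logic is an added example, not part of the original documentation or the product; the function names, the sample origins and the "^"-anchored variant of the filter are assumptions.

```python
import re

# Origin filters copied from the page. nginx's "~*" operator is a
# case-insensitive, unanchored regex search (modelled with re.search).
LOCAL_FILTER = r"(http://localhost(:[0-9]+)?)$"
DOMAIN_FILTER = r"(https?://[^/]*\.dev\.my-cue-domain\.com(:[0-9]+)?)$"
# Assumption (not on the page): the same filter with a leading "^" so the
# whole header value must match, not just its tail.
ANCHORED_FILTER = "^" + DOMAIN_FILTER

# Method suffixes appended to $cors by the location block.
METHOD_CLASS = {"OPTIONS": "options", "GET": "get", "HEAD": "get",
                "POST": "post", "PUT": "post", "DELETE": "post"}

def cors_headers(origin_filter, origin, method):
    """Model the $cors logic: return the CORS headers nginx would add."""
    cors = "true" if re.search(origin_filter, origin or "", re.I) else ""
    cors += METHOD_CLASS.get(method, "")
    if cors not in ("trueget", "truepost", "trueoptions"):
        return {}  # no CORS headers: the browser refuses the cross-origin call
    headers = {"Access-Control-Allow-Origin": origin,
               "Access-Control-Allow-Credentials": "true"}
    if cors == "trueoptions":  # preflight is answered by nginx itself (204)
        headers["Access-Control-Allow-Methods"] = (
            "GET, POST, HEAD, OPTIONS, PUT, DELETE")
    return headers

def allowed_origins(origin_filter, origins, method="GET"):
    """Return the origins that would be reflected with credentials allowed."""
    return [o for o in origins if cors_headers(origin_filter, o, method)]

# Constructed sample Origin values (not taken from any real deployment).
SAMPLE_ORIGINS = [
    "https://cue.dev.my-cue-domain.com",              # intended origin
    "http://a.b.dev.my-cue-domain.com:81",            # deeper subdomain, http
    "https://dev.my-cue-domain.com",                  # parent domain itself
    "https://cue.dev.my-cue-domain.com.example.net",  # lookalike suffix
    "https://cue-dev.my-cue-domain.com",              # "-" instead of "."
    "x-https://cue.dev.my-cue-domain.com",            # text before the scheme
    "null",
]

if __name__ == "__main__":
    for name, f in (("as written", DOMAIN_FILTER), ("anchored", ANCHORED_FILTER)):
        print(name, allowed_origins(f, SAMPLE_ORIGINS))
```

The example filter accepts both http and https origins at any subdomain depth below dev.my-cue-domain.com, rejects the parent domain itself, and is anchored only at the end of the header value. Methods outside the six listed in the configuration (PATCH, for instance) get no CORS headers even from an allowed origin.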