New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix: use grails configuration for CORS settings #15457
Fix: use grails configuration for CORS settings #15457
Conversation
Grails can handle CORS on its own. It just has to be configured in `/etc/bigbluebutton/bbb-web.properties`: ~~~ grails.cors.enabled=true grails.cors.allowedOrigins=https://bbb-proxy.example.org grails.cors.allowCredentials=true ~~~ This is a breaking change of the nginx config if (and only if) you run a cluster setup as described in https://docs.bigbluebutton.org/admin/clusterproxy.html **If** you run such a setup, you **need** to change `/etc/bigbluebutton/bbb-web.properties`. Otherwise users won't be able to join meetings, upload slides etc. The change in `PresentationController.groovy` fixes the handling of `OPTIONS` requests in the `/bigbluebutton/presentation/checkPresentation` handler.
SonarCloud Quality Gate failed. 3 Bugs No Coverage information |
Thanks for this contribution @schrd ! We chatted about this internally and it looks like a very welcome change! We'd be looking into including this on BBB 2.6 I just wanted to keep you posted on the positive feedback. Thanks again! |
What's the status here? |
Hello, guys, sorry for the delayed response. So, I tested this PR with a reverse proxy and only one instance of BBB, and there is something I want you to add in the configuration part, adjusting @schrd's comment: in grails.cors.enabled=true
grails.cors.allowedOrigins=https://bbb-proxy.example.com,https://bbb.example.com
grails.cors.allowCredentials=true This fixes a connection problem with etherpad. What was happening is that bbb-web was allowed to receive requests from the proxy, but not the instance itself as it was calling the And shared notes keeps loading: With the solution mentioned, all goes as expected! |
I think this is something else. Pad requests never should go through the proxy. Maybe someone is generating a URL |
Yeah, it seems that for the client to connect to the pad, it has to get the session for the etherpad component, so, I guess this request to |
As I already commented on #15753 there are some fixes to the etherpad's files for nginx to avoid other CORS problem and resolve item B on #15436, so in #15753 we have a simple solution that could address it. The problem happens when the user clicks the bigbluebutton/bigbluebutton-html5/imports/ui/components/notes/converter-button/service.js Line 18 in 045e2ec
Bearing this in mind, as @schrd pointed out in #15753 (comment) there may be a better solution for that, so we will hold this PR a bit. |
@schrd, when you find it, please, respond back in this PR, so that we can properly merge it, because outside of the thing I mentioned before, it is working just fine!! |
@GuiLeme sorry for being so late. With alangecker/bbb-etherpad-plugin#7 CORS problems in shared notes should be gone. |
Hey @schrd, so, can we close this PR? Or is it still to be merged? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, so after a thorough review, it looks very good, and I don't seem to find any trouble regarding this PR. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
What does this PR do?
It removes quirks from bbb-web nginx config and uses grails config options to properly support CORS requests. CORS requests are only required if you run a cluster proxy setup as described in https://docs.bigbluebutton.org/admin/clusterproxy.html
Closes Issue(s)
Closes #15436
Motivation
Grails can handle CORS on its own. It just has to be configured in
/etc/bigbluebutton/bbb-web.properties
:This is a breaking change of the nginx config if (and only if) you run a
cluster setup as described in
https://docs.bigbluebutton.org/admin/clusterproxy.html
If you run such a setup, you need to change
/etc/bigbluebutton/bbb-web.properties
. Otherwise users won't be ableto join meetings, upload slides etc.
The change in
PresentationController.groovy
fixes the handling ofOPTIONS
requests in the/bigbluebutton/presentation/checkPresentation
handler.
More
PresentationController.groovy
still fix a bug.