CORS 'Access-Control-Allow-Origin' not included in response #11111
Comments
It seems like it's always set @zbychu-waligruchga - are you sure you are using the right release? |
|
Even did presigned GET |
|
@harshavardhana I'm actually running into something similar right now, where pre-flight checks from the browser are throwing CORS errors with curl -H "Origin: http://minio:3000" \
-H "Access-Control-Request-Method: PUT" \
-H "Access-Control-Request-Headers: X-Requested-With" \
-X OPTIONS --verbose http://localhost:9000/testbucket
* Trying ::1... * TCP_NODELAY set
* Connected to localhost (::1) port 9000 (#0)
> OPTIONS /testbucket HTTP/1.1
> Host: localhost:9000
> User-Agent: curl/7.64.1
> Accept: */*
> Origin: http://minio:3000
> Access-Control-Request-Method: PUT
> Access-Control-Request-Headers: X-Requested-With
>
< HTTP/1.1 200 OK
< Vary: Origin
< Vary: Access-Control-Request-Method
< Vary: Access-Control-Request-Headers
< Date: Thu, 17 Dec 2020 04:01:16 GMT
< Content-Length: 0
<
* Connection #0 to host localhost left intact
* Closing connection 0Similarly to @zbychu-waligruchga, this is happening on pre-signed URLs from my backend application giving access to a frontend to interact with files. Requests are failing the pre-flight browser check. Using curl on the cli with the presigned urls directly work fine without the pre-flight check. |
|
@mojotalantikite here is what I sent to https://play.minio.io:9000 Don't even know what version of the software are you using here. |
|
"Don't even know what version of the software are you using here." Thanks for your response @harshavardhana! This was running in the latest docker container in my local dev environment. So it looks like things were running fine when I was doing this from a docker container spun up on the CLI with a normal Previously I was doing something like this: This would throw CORS errors during pre-flight from the browser. However, when I delete the This seems like unexpected behavior to me, so maybe this is something to document? I've seen a lot of issues opened in this repo's history of people having issues when doing pre-signed URLs for local testing -- which I'm guessing is a common use case for minio -- and I wouldn't be surprised if it's due to some docker configuration. Thanks again! |
|
Will check and get back. |
harshavardhana
changed the title
|
So I ran this docker compose version: '3.7'
# starts 4 docker containers running minio server instances.
# using nginx reverse proxy, load balancing, you can access
# it through port 9000.
services:
minio:
restart: always
image: minio/minio:latest
ports:
- "9000:9000"
volumes:
- s3-data:/data
entrypoint: minio server /data
minio_mc:
image: minio/mc:latest
depends_on:
- minio
entrypoint: >
/bin/sh -c "
/usr/bin/mc config host rm local;
/usr/bin/mc config host add --quiet --api s3v4 local http://minio:9000 minioadmin minioadmin;
/usr/bin/mc rb --force local/test-bucket/;
/usr/bin/mc mb --quiet local/test-bucket/;
/usr/bin/mc policy set public local/test-bucket;
"
volumes:
s3-data: |
|
I was getting the exact same issue, somehow it got fixed by simply deleting the previous volume used by my minio container, and creating a new one. As soon as I did this, my requests were working again! |
This is not confirmed right? I don't want to loose my existing data just to test this out. Since a few updates I am getting the following error on preflight requests when using presigned URLs: |
|
@nadilas correct, it hasn't been confirmed and the maintainers closed this out. My fix was the same, delete the volume and re-create it and the CORS errors went away. Can't promise that it'll work for you too, but if you can back the volume up and give it a try I'd be interested to hear if it clears things up for you as well. I still have a hunch that there is a bug somewhere. |
|
@mojotalantikite just to be clear it seems very distant and unrelated that what is on the mapped persistent volume can have an effect on what kind of headers are returned for preflight requests. 🤷🏼♂️ I already have the data backed up, I will try it tomorrow first thing... and try to restore the old data afterwards. |
|
@nadilas yeah, agreed, it seems strange, but for whatever reason it worked for me too. |
|
@mojotalantikite I have not many ideas how it is possible, but it works. Recreating the volume got rid of the error. Now the header is included. There must be some saved old state which caused the issue!? |
@nadilas most probably your container was not upgraded |
|
@harshavardhana if you mean the image used in the pods, I have explicitly updated the statefulset to pull the newest image after the issue presented itself. |
|
@nadilas yeah, it's likely some edge case having to do with how minio writes config state and the order in which a user sets up the system. It seems like I had the same sequence of events that is described in #11258 -- if you set Minio writes configs to I don't know what else to say. I took a look around the code base, particularly around how the CORS handler seems to be set from the globalAPIConfig, but I didn't come across anything that'd explain this behavior. It looks like these env variables mess up their tests, so maybe there is something going on that is rare and not accounted for. 🤷🏻♂️ At the very least this issue history might help someone in the future and save them some time. |
|
Thanks all for this writeup. We are facing the same issue. However with 50TB of data in my cluster, and a number of users around the clock, I am not very keen on deleting the volume as a fix... I am wondering if there's another way to trigger it to work. Can the |
|
We were also facing CORS issues. We just switched to the Bitnami Helm chart, since the official one was deprecated. We were having CORS issues using both the old and the new chart. However, we noticed that when we did a Can't really confirm that this is a waterproof workaround, but it does seem to have somehow resolved it for us. |
|
@frjonsen Do you know what |
|
This issue has been sufficiently resolved, if there are repeated problems please open a separate GitHub issue for a newer set of discussions. |
Minio does not include the CORS header Access-Control-Allow-Origin breaking CORS functionality.
Expected Behavior
Pre-Signed URL PUT/GET endpoints to return 'Access-Control-Allow-Origin' if request contain 'Origin' header.
Current Behavior
'Access-Control-Allow-Origin' is not included when interacting with pre-signed URLs
Possible Solution
Include 'Access-Control-Allow-Origin' in every response
Steps to Reproduce (for bugs)
Tested with and without preflight queries
Insomnia PUT request example
Regression
I believe this issue is a regression as it was discussed and reportedly working: #3985
Your Environment
The text was updated successfully, but these errors were encountered: