pull down to refresh

100 sats \ 3 replies \ @ek 9 Jun \ parent \ on: Stacker Saloon
This is actually an issue in phoenixd.
Because the request is cross-origin, your browser sends an OPTIONS pre-flight request. Phoenixd should handle that, but it doesn't. I guess it assumes that only other servers will call it, but not a browser.
However, since you will also need to reply with CORS headers, you will need to run a reverse proxy to enable CORS anyway. You can then also handle the OPTIONS request in the reverse proxy.
For reference, this is my nginx config:
upstream phoenixd {
  server 127.0.0.1:9740;
}

server {
    server_name phoenixd.ekzy.is;
    listen      80;
    listen      [::]:80;

    return 301 https://phoenixd.ekzy.is$request_uri;
}

server {
    server_name         phoenixd.ekzy.is;
    listen              443 ssl;
    listen              [::]:443 ssl;

    ssl_certificate     /etc/letsencrypt/live/phoenixd.ekzy.is/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/phoenixd.ekzy.is/privkey.pem;

    location / {
      if ($request_method = OPTIONS) {
        return 204;
      }

      add_header 'Access-Control-Allow-Origin' '*' always;
      add_header 'Access-Control-Allow_Credentials' 'true' always;
      add_header 'Access-Control-Allow-Headers' '*' always;
      add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH' always;

      proxy_set_header Host $http_host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Prefix /;
      proxy_pass http://phoenixd$request_uri;
   }

   include letsencrypt.conf;
}
Does this make sense to you?
write
preview
33 sats \ 2 replies \ @nullama 9 Jun
OK, cool, it makes sense. I thought there was something wrong. I just need to configure this a bit more. Thanks for the reply.
reply
0 sats \ 1 reply \ @ek 9 Jun
No worries. Let me know if you run into any other issues!
reply
0 sats \ 0 replies \ @Bell_curve 10 Jun outlawed
stackers have outlawed this. turn on wild west mode in your /settings to see outlawed content.