CF not forwarding CORS headers


#1

I have tried all documention for CORS that CF has provided but my CORS headers still dosen’t arrive at my browser.

Can any one help me with a more detailed guide?


#2

Are you sure your server is sending them? I don’t see them when I connect directly and request a resource:

curl -k --resolve yourdomain:443:youroriginipaddress https://yourdomain/css/navbar.css -svo /dev/null --header “Origin: https://yourdomain

< HTTP/1.1 200 OK
< Date: Mon, 08 Jan 2018 18:35:15 GMT
< Server: Apache
< Last-Modified: Sat, 06 Jan 2018 11:46:04 GMT
< Accept-Ranges: bytes
< Content-Length: 887
< Vary: Accept-Encoding
< Content-Type: text/css
<


#3

It is when i try to connect on port 8443, it get this error in Chrome:

Failed to load https://example.com:8443/?query=true: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://example.com’ is therefore not allowed access. The response had HTTP status code 521.


#4

Your server doesn’t appear to be listening on port 8443, attempts to curl or telnet to that port fail and the 521 error would seem to confirm that.

Does it work when the resource is :grey: and you bypass Cloudflare entirely? I would think not since I’m testing against the origin directly…


#5

If i do

netstat -tnl | grep 8443
tcp6 0 0 :::8443 :::* LISTEN

i can see that it is listening on port 8443

EDIT:
This only happens when i try to do it over HTTPS


#6

Unless you’ve locked down your firewall to prevent no Cloudflare IP addresses from accessing just that port it doesn’t appear accessible from the outside. I responds just fine on 443:

telnet yourip 8443
Trying yourip…
telnet: Unable to connect to remote host: Connection refused

When you gray cloud the record in DNS can you connect?


#7

No, i can not, but i can connect to the local ip on my LAN


#8

Your firewall config probably lacks a mapping for 8443 inbound to that machine.