When my app hits the oauth2-proxy for the manifest.json, I get the following error:
Access to manifest at 'https://<auth-url>/oauth2/start?rd=%2F<url>%2Fmanifest.json' (redirected from 'https://<url>/manifest.json') from origin 'https://<url>' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Is there a way to add the origin to the access control list? I don't see a parameter I can set...
I don't think we have any CORS support, how are you running the proxy? On it's own or with something like nginx doing a subrequest for the authentication?
Wasn't an oauth issue at all.
how did you solve this issue?
I didn't, it just wasn't an issue lol
FYI I solved the issue with activating CORS on the Ingress with the annotation:
nginx.ingress.kubernetes.io/enable-cors: true
I am getting blocked by CORS and I don't understand this, so if someone could help me out I would really appreciate it--
I am running an app in docker with the oauth2-proxy image. I want to use the oauth2-proxy image to authorize users with github. So I redirect users to /oauth2/sign_in. Then when I try to access the user's profile from the client app with a request to the oauth2-proxy server at /oauth2/userinfo, I get blocked by CORS. The whole reason I am using oauth2-proxy is to get around CORS issues when authorizing with github. So how do I make /oauth2/userinfo work?
Most helpful comment
FYI I solved the issue with activating CORS on the Ingress with the annotation:
nginx.ingress.kubernetes.io/enable-cors: true