####CORS
Freaking out about CORS? Me to, lets add here some solutions which are readable
!
#####What is CORS?
- origin1 http://localhost:8000
- origin2 http://pouchdb.com
For Security reasons you can not make Requests to another origin
. So requests from origin1
to origin2
are normally forbidden.
If you still want to do that, origin2 (Server)
has to allow it.
####Clients #####Chrome
- disable-same-origin-policy-in-chrome
- Is there a working Plugin?
#####Firefox todo
####Server #####CouchDB ######Allow CORS from CouchDB
######Cordova, Ionic, IOS, Android solution CORS should never be a Problem, when origin1 is not a Server! localhost:8000 -> is a local server (CORS) index.html -> is just a file (NO CORS Problem) So when you deploy it, and you get a CORS warning, it's another problem
Search in the CouchDB config local.ini
for WWW-Authenticate = Basic realm="Administrator"
replace it with WWW-Authenticate = Other realm="App"
and it works again! YAAAY
#####Nginx todo
#####Apache todo
####Free SSL #####CouchDB Super cool is, that you can get easy free SSL certificates from Lets Encrypt, But they don't seem to work in CouchDB, because CouchDB has some problems with newer versions SSL/TLS. So you have to options:
todo
todo
#####Setup NGINX Proxy Proxy
####Open questions
- What does WithCredentials do?
- Why Proxy works without adding
{couch_httpd_auth, proxy_authentication_handler}
in CouchDB config and withoutadd_header X-Auth-CouchDB-UserName $remote_user;
in NGINX config. Even they tell you should do this in the wiki. - Can not use origins=* and credentials=true at the same time issue