We have an API that uses CORS to be accessible from a web app. In some cases Fly Edge makes a response, such as when the worker takes more than 60s to respond. When this happens, the CORS headers are gone. This leads to a 502 (in this example) being sent back that the web app / browser presents as a CORS error. Its misleading and confusing. Is there a way for the headers Fly Edge will respond with to be customized?
There’s an undocumented option in fly.toml
to modify outgoing headers that might be useful for you:
[services.ports.http_options.response.headers]
"set_header" = "value"
"set_header_multiple_values" = ["value1", "value2"]
"remove_header" = false
Keep in mind this will add the headers even when your app responds successfully, so you won’t be able to have CORS logic in your app.
1 Like
I have this TOML now, is it correct? Its different than yours in the double bracket nested part.
app = "..."
[env]
PORT = "8082"
[[services]]
internal_port = 8082
protocol = "tcp"
[[services.ports]]
force_https = true
handlers = ["http"]
port = 80
[[services.ports]]
handlers = ["tls", "http"]
port = 443
[[services.ports.http_options.response.headers]]
Access-Control-Allow-Origin = "*"
Access-Control-Allow-Methods = "*"
Access-Control-Allow-Headers = "*"
ah, no, I made the same mistake when figuring this out [[two brackets]]
is TOML for an array with an inner object; [one bracket]
puts an object directly on that key.
Ok, so this IIUC:
app = "..."
[env]
PORT = "8082"
[[services]]
internal_port = 8082
protocol = "tcp"
[[services.ports]]
force_https = true
handlers = ["http"]
port = 80
[[services.ports]]
handlers = ["tls", "http"]
port = 443
# https://community.fly.io/t/edge-headers/9278
[services.ports.http_options.response.headers]
Access-Control-Allow-Origin = "*"
Access-Control-Allow-Methods = "*"
Access-Control-Allow-Headers = "*"
That should work, yes.
1 Like