1. Forum
  2. Usenet
  3. COMP.INFOSYSTEMS.WWW.SERV

  • CORS on Apache Server fro Windows

    From valmlouis@gmail.com@21:1/5 to All on Tue Nov 29 19:18:35 2016
    I am using Apache 2.4 for Windows, with Windows 10.

    I have configured a reverse proxy with the Apache server.
    My web application works behind the Apache reverse proxy.

    I am trying to use my web application ('http://192.168.1.2:20100) to copy a jpeg picture from another website which unfortunately has no CORS configuration ('http://192.168.1.103:80). I have no access to change it.
    The schematic is to have my web application send a request to the Apache server. The Apache server copy the jpeg image from the website. Then the picture is sent back to my web application by the Apache server.

    Below is the configuration on the Apache server to enable CORS:

    Listen 192.168.1.2:8080

    <FilesMatch "\.(gif|ico|jpe?g|png)$">
    Header always set Access-Control-Allow-Origin: http://192.168.1.2
    Header always set Access-Control-Allow-Credentials: true
    Header always set Access-Control-Max-Age: 86400
    Header always set Access-Control-Allow-Headers "X-Requested-With,Origin,Authorization,X-Accept-Charset,X-Accept,Content-Type"
    Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS"
    Header always set Access-Control-Request-Headers "X-Requested-With,Origin,Authorization,X-Accept-Charset,X-Accept,Content-Type"
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} OPTIONS
    RewriteRule ^(.*)$ $1 [R=200,L,E=HTTP_ORIGIN:%{HTTP:ORIGIN}]] </FilesMatch>

    This configuration is in the Apache httpd.conf file.
    When I run my web application, I am getting the error message below:

    Access to Image at 'http://192.168.1.103:80' from origin 'http://192.168.1.103:80'
    has been blocked by CORS policy: No 'Access-Control-Allow-Origin'
    header is present on the requested resource. Origin 'http://192.168.1.2:8080' is therefore not allowed access.

    So, I think the problem is that the Apache server transmits the CORS request, from my web application, to the target website which cannot accept it. So the CORS request from my web application must not be transmitted to the target website by the Apache
    server.
    So, how can I configure the Apache server so that it will receive and accept the CORS from my web application but will submit a normal request (without CORS) to the target website?
    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)