Can't figure how to use remote control allow-origin

Mariie_L · November 18, 2021, 4:39pm

What is the problem you are having with rclone?

I want to access my rclone remote control server from a web app in another domain and --rc-allow-origin doesn't seem to work. I need to upload a file from the web app (javascript) and want to do it with the service operations/uploadfile.

In order to test the connectivity I tried with the service rc/noopauth wich works using curl. But when I try it from my javascript code I receive this error from the console :

Access to XMLHttpRequest at 'http://user:pass@myserveraddress:5572/rc/noopauth/' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

What is your rclone version (output from `rclone version`)

my version is 1.57

Which cloud storage system are you using? (eg Google Drive)

Ceph

The command you were trying to run (eg `rclone copy /tmp remote:tmp`)

rclone rcd --rc-addr 0.0.0.0:5572 --rc-user user --rc-pass pass --rc-allow-origin http://myaddress:8080

The rclone config contents with secrets removed.

Paste config here

A log from the command with the `-vv` flag

Paste  log here

ncw · November 18, 2021, 4:48pm

Run the rclone rc test command with -vv --dump bodies and check the CORS header looks how you expect. Or do it with curl -v if you prefer.

Mariie_L · November 19, 2021, 8:35am

Thank you for your very quick answer!

here is the log with curl -v

curl -v -X POST -f http://user:pass@myrcloneserver:5572/rc/noopauth?test=test
* Trying myrcloneserver...
* TCP_NODELAY set
* Connected to myrcloneserver (myrcloneserver) port 5572 (#0)
* Server auth using Basic with user 'user'
> POST /rc/noopauth?test=test HTTP/1.1
> Host: myrcloneserver:5572
> Authorization: Basic c3BpZGVyOnNwaWRlcg==
> User-Agent: curl/7.55.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Access-Control-Allow-Headers: authorization, Content-Type
< Access-Control-Allow-Origin: http://myaddress:8080/
< Access-Control-Request-Method: POST, OPTIONS, GET, HEAD
< X-Rclone-Jobid: 1
< Date: Fri, 19 Nov 2021 08:15:45 GMT
< Content-Length: 20
< Content-Type: text/plain; charset=utf-8
<

        "test": "test"
}
* Connection #0 to host myrcloneserver left intact

It seems alright to me but I'm still having the XMLHttpRequest at 'http://user:pass@myrcloneserver:5572/rc/noopauth?test=test' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Could this has to do with "Server auth using Basic "? Also I didn't set any htpasswd and I'm really sure if I should.

sweh · November 19, 2021, 2:45pm

Should your access-control header specify http://localhost:8080 as an allowed origin, since that's what you're connecting to... Or else try testing at http://myaddress:8080 instead

Mariie_L · November 19, 2021, 4:03pm

I tried with http://localhost:8080 and the result is the same..

Sorry if this is a dum question but I'm deploying my web application with a Payara Server at myaddress:8080 and still I get "from origin localhost" such as you mentioned before.

Should I do something to force my Ajax request so that the origin is bound to myaddress or is it the same?

Thanks a lot for your help and time !

system · December 19, 2021, 4:04pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.