Sample of NGINX configuration for proxy

                add_header Referrer-Policy "no-referrer";
                add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
                add_header X-Frame-Options "";
                add_header X-Content-Type-Options "nosniff" always;
                add_header X-XSS-Protection "1; mode=block" always;
                proxy_hide_header Server;
                proxy_hide_header X-Powered-By;
                proxy_hide_header X-Frame-Options;
                client_body_timeout 10;
                client_header_timeout 10;


                proxy_pass http://localhost:8080/*subnamehere*/;
                proxy_buffering off;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $http_connection;
                proxy_cookie_path /*subnamehere*/ "; HTTPOnly; Secure; SameSite";
                add_header 'Access-Control-Allow-Origin' '*';
                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
                access_log /var/log/nginx/guac_access.log;
                error_log /var/log/nginx/guac_error.log;




*Thank You*
Sean Hulbert


*Security Centric Inc.*
A Cybersecurity Virtualization Enablement Company

On 2/21/2025 9:33 AM, Michael Jumper wrote:
On 2/21/25 4:18 AM, pavithra vijayakumar wrote:
Hi,

I'm using the following JavaScript code in my Blazor app (https://localhost:7248), but I'm encountering a CORS error when I try to connect with guacamole.

...

*CORS error:*

Access to fetch at 'http://localhost:8081/#/client/mvrfh789jgh=' from origin 'https://localhost:7248' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.


You will need to use a reverse proxy like Nginx or Apache HTTPD to add the "Access-Control-Allow-Origin" header to responses from Tomcat.

- Mike
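
An added example, not part of the original thread or the Guacamole project: the sample configuration above sends `Access-Control-Allow-Origin: *`, while this variant returns the header only to an allow-listed origin and answers the CORS preflight at the proxy. The `/guacamole/` path, the `$cors_origin` variable name and the allowed request header are assumptions; the origin is the one in the quoted error.

```nginx
# Added example, not from the thread. The map goes in the http {} context.
# $cors_origin (assumed name) is the request's Origin when it is allow-listed
# and "" otherwise; nginx does not emit an add_header whose value is empty.
map $http_origin $cors_origin {
    default                   "";
    "https://localhost:7248"  $http_origin;  # the Blazor origin from the error
}

# Inside the existing server {} block. "/guacamole/" is an assumed path.
location /guacamole/ {
    # Preflight: answer at the proxy. add_header is not inherited into a
    # level that declares its own add_header, so the CORS headers are repeated.
    if ($request_method = OPTIONS) {
        add_header Access-Control-Allow-Origin  $cors_origin always;
        add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
        add_header Access-Control-Allow-Headers "Content-Type" always;  # assumption
        add_header Access-Control-Max-Age       600 always;
        add_header Vary                         "Origin" always;
        return 204;
    }

    # Actual requests: "always" keeps the header on 4xx/5xx responses too, and
    # Vary stops a shared cache from serving one origin's response to another.
    add_header Access-Control-Allow-Origin $cors_origin always;
    add_header Vary                        "Origin" always;

    proxy_pass         http://localhost:8080/guacamole/;
    proxy_buffering    off;
    proxy_http_version 1.1;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   Upgrade $http_upgrade;
    proxy_set_header   Connection $http_connection;
}
```

A request carrying any other Origin gets no `Access-Control-Allow-Origin` header, so the browser refuses the cross-origin read.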

