I’m running the Tasklist app on self-managed Camunda 8 platform behind a nginx reverse proxy which makes the TLS termination and upstreams to http://tasklist:8080.
I can successfully login with the demo user but nothing is loaded because the
POST /graphql returns a 403 with body
Invalid CORS request.
Does the Tasklist App recognizes the
X-Forwarded-Host, X-Forwarded-Proto, X-Forwarded-Port headers?
Or is there a cors configuration?
Today I remembered how to configure a spring boot app behind a reverse proxy and voilà it works:
Thanks @nathanael for coming back and share your solution with us
This made my day, thank you!
Hi @nathanael, I am facing same issue when trying to login to Tasklist that POST /graphql returns http 403 Invalid CORS request. My cluster is a self-managed instance and I have below Ingres controller for Tasklist. Based on Invalid CORS request, I have tried with highlighted option and annotations but the issue still persists.
Can you please mention where exactly did you specify SERVER_FORWARDHEADERSSTRATEGY=native to resolve this issue? Thanks.
SERVER_FORWARDHEADERSSTRATEGY=native is a spring boot configuration variable that the X-Forwarded Headers are evaluated by the spring app. You should set it as environment variable at your tasklist container, not ingress.
Did setting the “SERVER_FORWARDHEADERSSTRATEGY=native” environment variable on your tasklist container resolve the issue? I am running trying a similar setup behind a nginx reverse proxy which makes the TLS termination and upstreams to the tasklist service. I tried setting the “SERVER_FORWARDHEADERSSTRATEGY=native” environment variable on the tasklist container but continue to get the 403 with body
Invalid CORS request .
Hi @slandry , nope it didn’t resolve the issue for me. I have not proceeded from that point due to other issues. In my case, we’re deploying Camunda in an AWS Kubernetes cluster so I know the whole cluster is behind an application load balancer as well where I might need to debug into.
Thank you for following up. We are also using an AWS kubernetes cluster. There is network load balanacer in front of the app. I am going to try a few more things today. Its only the tasklist application experiencing the issue. I am able to use the operate app without any special configuration.