asked on April 13, 2023
We are evaluating flexmonster, but have trouble getting it to work on our staging server. The app running on the server is hosted under a https:// domain with this header:
access-control-allow-origin: *
But the flexmonster component errors out with "Unable to connect to the custom data source API endpoint 'http://localhost:9500/fields'."
The network errors we see in the browser console suggests CORS issues. For example:
OPTIONS http://localhost:9500/handshake results in "CORS Failed"
POST http://localhost:9500/handshake results in "NS_ERROR_DOM_BAD_URI"
From the server terminal we can confirm the failing urls do exist:
curl -X POST http://localhost:9500/handshake --head
HTTP/1.1 415 Unsupported Media Type
Content-Type: application/problem+json; charset=utf-8
Date: Thu, 13 Apr 2023 12:52:47 GMT
Server: Kestrel
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Referrer-Policy: unsafe-url
X-Frame-Options: ALLOWALL
We have tried the things suggested in this help article.
Flexmonster looks very promising for our application. Any help in proving that it can run on our server will be appreciated.
⋅ April 14, 2023
Hello Jannie,
Thank you for reaching out to us.
We recommend checking if the Data Server is accessible by opening the URL http://localhost:9500 in the browser. Are there any issues in the browser developer console or directly on the page?
If there are no errors, this issue may be caused by the mixed content. If your website uses HTTPS, all content delivered via HTTP on these pages will be blocked by default. The recommended solution here is to use HTTPS for your server.
If you use Flexmonster Data Server, you are welcome to check this guide in our documentation for reference: https://www.flexmonster.com/doc/security-and-authorization-guide/#https
Also, could you please confirm if you use Flexmonster Data Server? It would greatly help us.
Please let us know if you found our answer helpful. Looking forward to hearing from you.
Kind regards,
Nadia
⋅ April 14, 2023
Thank you Nadia.
To clarify further: we are running ./flexmonster-data-server on a headless linux server with no GUI. We only have terminal access, so we can't browse to http://localhost:9500 as you suggest. For the same reason, we also can't use the Admin Panel to configure auth and https.
We have now configured a reverse proxy in our nginx config to get flexmonster to run under our app domain like this:
location /flex/ {
proxy_pass http://0.0.0.0:9500/;
}
⋅ April 14, 2023
Hello Jannie,
Thank you for the details.
We recommend configuring a secure HTTPS connection for the Flexmonster Data Server used as a console application. It can be configured in the flexmonster-config.json. Feel free to check the following guide: https://www.flexmonster.com/doc/security-and-auth-for-console-app/#https
Please let us know if it works for you. Looking forward to hearing from you.
Kind regards,
Nadia
⋅ April 14, 2023
For others who want to do the same thing: we also had to run the service in the background so it does not stop when we end the terminal session:
nohub ./flexmonster-data-server &
⋅ April 14, 2023
Hello,
Thank you for the confirmation.
Regarding your point that the service should run in the background, kindly note that we also provide a service-install script — the executable file to install the Data Server as a service. This way, it is still running if the terminal session is ended, and it is also started automatically when the server is reloaded.
You are welcome to write to us in case further questions arise.
Kind regards,
Nadia