APM RUM Angular CORS error

I have an Angular app and I am using the Angular APM Rum library. My APM server is behind an nginx reverse proxy. I'm getting CORS errors as per attached screenshot.

Kibana version:
7.11.0

Elasticsearch version:
7.11.0

APM Server version:
7.11.0

APM Agent language and version:
"@elastic/apm-rum-angular": "^1.1.10"

Browser version:
Chrome Version 89.0.4389.90

Original install method (e.g. download page, yum, deb, from source, etc.) and version:
My elastic stack is running in docker containers. So is the nginx proxy.

Fresh install or upgraded from other version?
Fresh

Is there anything special in your setup?
My APM server is behind an nginx reverse proxy.

Description of the problem including expected versus actual behavior. Please include screenshots (if relevant):
I'm getting CORS errors as per attached screenshot.

Docker-Compose:

    logstash:
      image: logstash:1.0
      build:
        context: logstash/
        dockerfile: Dockerfile
      ports:
        - "5044:5044"
        - "5000:5000/tcp"
        - "5000:5000/udp"
        - "9600:9600"
      networks:
        - innagoNetwork_dev
    apm-server:
      image: docker.elastic.co/apm/apm-server:7.11.0
      depends_on:
        elasticsearch:
          condition: service_healthy
        kibana:
          condition: service_healthy
      cap_add: ["CHOWN", "DAC_OVERRIDE", "SETGID", "SETUID"]
      cap_drop: ["ALL"]
      ports:
        - 8200:8200
      networks:
        - innagoNetwork_dev
      command: >
         apm-server -e
           -E apm-server.rum.enabled=true
           -E setup.kibana.host=kibana:5601
           -E setup.template.settings.index.number_of_replicas=0
           -E apm-server.kibana.enabled=true
           -E apm-server.kibana.host=kibana:5601
           -E output.elasticsearch.hosts=["elasticsearch:9200"]
      healthcheck:
        interval: 10s
        retries: 12
        test: curl --write-out 'HTTP %{http_code}' --fail --silent --output /dev/null http://localhost:8200/
    elasticsearch:
      image: docker.elastic.co/elasticsearch/elasticsearch:7.11.0
      environment:
      - bootstrap.memory_lock=true
      - cluster.name=docker-cluster
      - cluster.routing.allocation.disk.threshold_enabled=false
      - discovery.type=single-node
      - ES_JAVA_OPTS=-XX:UseAVX=2 -Xms1g -Xmx1g
      ulimits:
        memlock:
          hard: -1
          soft: -1
      volumes:
      - ../../../merlin_volumes/elasticsearch/data:/usr/share/elasticsearch/data
  
      ports:
      - 9200:9200
      networks:
      - innagoNetwork_dev
      healthcheck:
        interval: 20s
        retries: 10
        test: curl -s http://localhost:9200/_cluster/health | grep -vq '"status":"red"'

    kibana:
      image: docker.elastic.co/kibana/kibana:7.11.0
      depends_on:
        elasticsearch:
          condition: service_healthy
      environment:
        ELASTICSEARCH_URL: http://elasticsearch:9200
        ELASTICSEARCH_HOSTS: http://elasticsearch:9200
      ports:
      - 5601:5601
      networks:
      - innagoNetwork_dev
      healthcheck:
        interval: 10s
        retries: 20
        test: curl --write-out 'HTTP %{http_code}' --fail --silent --output /dev/null http://localhost:5601/api/status

nginx config

APM Server stuff at the bottom.

server {
    if ($host = socket.local.com) {
        return 301 https://$host$request_uri;
    }
	   if ($host = elk.local.com) {
        return 301 https://$host$request_uri;
    }
	if ($host = apm.local.com) {
        return 301 https://$host$request_uri;
    }
    listen 80;
    client_max_body_size 150M;
    server_name socket.local.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    client_max_body_size 150M;
    server_name socket.local.com;
    location / {
        proxy_pass http://signalrhub:80;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-Host $host:$server_port;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_set_header   Connection $http_connection;

    }    

    location signalr/ {
        proxy_pass http://signalrhub:80;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-Host $host:$server_port;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_set_header   Connection $http_connection;        
    } 
    
    ssl on;
    ssl_certificate /etc/nginx/certs/local.crt;
    ssl_certificate_key /etc/nginx/certs/local.key;
}



server {
    if ($host = innago.local.com) {
        return 301 https://$host$request_uri;
    }
    listen 80;
    client_max_body_size 150M;
    server_name innago.local.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name innago.local.com;
    client_max_body_size 150M; 

    location ^~ /landlord/lease-template {
    alias /var/www/property-owner/lease-template;
    index  index.html index.htm;
    try_files $uri$args $uri$args/ /property-owner/lease-template/index.html;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-Host $host:$server_port;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_set_header   Connection $http_connection;
    }    

    location ^~ /Landlord {
    alias /var/www/property-owner;
    index  index.html index.htm;
    try_files $uri$args $uri$args/ /property-owner/index.html;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-Host $host:$server_port;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_set_header   Connection $http_connection;
    }  

    location ^~ /Tenant {
    alias /var/www/tenant;
    index  index.html index.htm;
    try_files $uri$args $uri$args/ /tenant/index.html;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-Host $host:$server_port;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_set_header   Connection $http_connection;
    }  

    location ^~ /Admin {
    alias /var/www/admin;
    index  index.html index.htm;
    try_files $uri$args $uri$args/ /admin/index.html;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-Host $host:$server_port;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_set_header   Connection $http_connection;
    }  


    location / {
    root /var/www/auth;
    index  index.html index.htm;
    try_files $uri$args $uri$args/ /index.html;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-Host $host:$server_port;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_set_header   Connection $http_connection;
    }

    
    ssl on;
    ssl_certificate /etc/nginx/certs/local.crt;
    ssl_certificate_key /etc/nginx/certs/local.key;
}

server {
    client_max_body_size 150M;
    server_name elk.local.com;
    location / {
        proxy_pass http://logstash:80;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-Host $host:$server_port;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_set_header   Connection $http_connection;
    }
    ssl on;
    ssl_certificate /etc/nginx/certs/local.crt;
    ssl_certificate_key /etc/nginx/certs/local.key;    
}
server{
        listen 443 ssl http2;
        ssl_certificate_key /etc/nginx/certs/local.key;
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
		client_max_body_size 150M;
        server_name apigateway.local.com;
        location / {
            proxy_pass http://apigateway:80;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Host $server_name;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_cache_bypass $http_upgrade;
            add_header X-Frame-Options "SAMEORIGIN";
            add_header X-XSS-Protection "1; mode=block";
            proxy_http_version 1.1;
        }
    }

server {
        listen 443 ssl http2;
        ssl_certificate /etc/nginx/certs/local.crt;
        ssl_certificate_key /etc/nginx/certs/local.key;
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
		client_max_body_size 150M;
        server_name auth.local.com;
        location / {
            proxy_pass http://identityserver:80;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Host $server_name;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_cache_bypass $http_upgrade;
            add_header X-Frame-Options "SAMEORIGIN";
            add_header X-XSS-Protection "1; mode=block";
            proxy_http_version 1.1;
        }
    }

server {
    client_max_body_size 150M;
    server_name apm.local.com;
    location / {
        proxy_pass http://apm-server:8200;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-Host $host:$server_port;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_set_header   Connection $http_connection;
    }
    ssl on;
    ssl_certificate /etc/nginx/certs/local.crt;
    ssl_certificate_key /etc/nginx/certs/local.key;    
}

Errors in browser console (if relevant):

Provide logs and/or server output (if relevant):


Request details
OPTIONS


ERROR

Hi @snowfrogdev ,

Thanks for reaching out.

To make the cross origin requests work you should add the origin of your web application to allowed origins configuration in APM server. Please see APM server and RUM agent documentation for more detail.

Cheers,
Hamid

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.