Hi, I got similar issue some months ago and I fixed it by adding headers configuration in CORS section: *credentials*false x <http://cloudbatiscript.scriptandgo.com/_utils/config.html#remove> *headers*Authorization,Content-Type,Accept x <http://cloudbatiscript.scriptandgo.com/_utils/config.html#remove> *methods*GET, POST, PUT, DELETE x <http://cloudbatiscript.scriptandgo.com/_utils/config.html#remove> *origins**
Hop it'll help you. Max. 2015-09-16 12:22 GMT+02:00 Conor Mac Aoidh <[email protected]>: > Hi Foucauld, > > Thanks for the useful link. > > However, I'm not using a self-signed cert. Also, I already have a proxy > that implements SSL + JWT authentication for couchdb. I'm currently trying > to remove that proxy (due to the recent creation of a JWT authentication > plugin for couch), and connect directly to couch. If I can't get this > working, I might end up using stunnel as it is a minimal, efficient proxy. > But I had hoped to do everything with couch, so that the it would scale up > easily. > > Thanks > > Conor > > > On 16/09/15 11:03, Foucauld Degeorges wrote: > >> Hi Conor, >> >> I've had issues with CouchDB's HTTPS in general. Same type of symptoms : >> curl works OK, browsers don't. I thought it might be specific to >> self-signed SSL certificates, but I never tried with a regular >> certificate. >> Anyway, a previous email on this mailing list hinted that CouchDB's Erlang >> implementation of SSL may be buggy. The suggestion was to use a >> HTTP<->HTTPS proxy in front of the CouchDB, such as stunnel. >> Here's a "self-solved" issue on StackOverflow : >> >> http://stackoverflow.com/questions/30939983/couchdb-over-https-and-self-certified-certificate-browsers-reject-it >> >> Regards >> Foucauld >> >> >> 2015-09-16 11:51 GMT+02:00 Conor Mac Aoidh <[email protected]>: >> >> Hi yes, 'enable_cors' is set to true. I think it could be a server >>> configuration problem as couchdb config looks ok. >>> >>> Thanks >>> >>> Conor >>> >>> >>> On 15/09/15 17:25, Aurélien Bénel wrote: >>> >>> Hi Conor, >>>> >>>> ➜ curl -X GET https://example.com:6984/_config/cors >>>> Should we assume you also set `enable_cors`? >>>> >>>> [httpd] >>>> enable_cors = true >>>> >>>> >>>> Regards, >>>> >>>> Aurélien >>>> >>>> >>> >
