openlitespeed icon indicating copy to clipboard operation
openlitespeed copied to clipboard
verified publisher icon litespeedtech

The environment variable is set incorrectly

Open ziaratban opened this issue 11 months ago • 1 comments

Hi

I want to control Access-Control-Allow-Origin header for multiple domains.

To do this, I make these settings:

  1. Create Virtual host front
  2. Create a static context with / URI
  3. Set Rewrite Rules to :
RewriteCond %{HTTP:Origin} ^https?://(www\.)?(.*?example\.com3|.*?example\.com4)$
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule . - [E=AccessControlAllowOrigin:%{HTTP:Origin}]
  1. Set Header Operations to :
add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e
set service-worker-allowed /
  1. Map Virtual host front to a 443 Listener image

What is happening?

In sometimes , lsws set incorrect AccessControlAllowOrigin value in response. This mostly happens for font file requests.

Example

Request headers :

GET /googleIcon/fonts/outlined2.woff2 HTTP/2
Host: example.com
User-Agent: Mozilla/5.0 (****) Gecko/20100101 Firefox/133.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sub1.example.com3     <<<<<<<<<<< Problem
Connection: keep-alive
Referer: https://example.com/components/googleIcon/outlined.min.css?kplhp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response headers :

HTTP/2 200 
cache-control: public, max-age=604800
expires: Fri, 17 Jan 2025 22:01:32 GMT
etag: "406e8-678054de-cd070;;;"
last-modified: Thu, 09 Jan 2025 22:59:42 GMT
content-type: font/woff2
content-length: 263912
accept-ranges: bytes
date: Fri, 10 Jan 2025 22:01:32 GMT
server: LiteSpeed
access-control-allow-origin: https://sub2.example.com3    <<<<<<<<<<< Problem
service-worker-allowed: /
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

OpenLiteSpeed version : 1.8.2

ziaratban avatar Jan 11 '25 13:01 ziaratban

The wrong domain name https://sub2.example.com3 is likely coming from somewhere else. Need to turn on debug logging see if it catch something.

litespeedtech avatar Feb 06 '25 17:02 litespeedtech