Requirement
RedSync may require CORS support depending on configuration. In such a case, there are three options as follows:
- Use rack-cors
- Handle by Web Server
- Use Reverse Proxy
Use rack-cors
Rack provides an interface between a Web server and a Ruby application. The rack-cors is a Ruby module based on Rack and supports CORS.
The rack-cors requires the Web server for Redmine to conform to the Rack specification. The list of supported Web servers is here.
Please refer to this article for the installation.
Handle by Web Server
A web server can support CORS by adding headers and rewriting the status code in an HTTP response.
Apache
In the case of the Apache server, you can add the following definitions to the httpd.conf file.
<Location />
<IfModule mod_headers.c>
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT, PATCH"
Header always set Access-Control-Max-Age "7200"
Header always set Access-Control-Allow-Headers "Content-Type, x-redmine-api-key"
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</IfModule>
</Location>
- Apache2 on Ubuntu/Debian
/etc/apache2/apache2.conf
Or you can create a new conf file in the/etc/apache2/conf-available
directory, then enable it by thea2enconf
command. - Bitnami (on Debian)
/opt/bitnami/apache/conf/httpd.conf
Use Reverse-Proxy
If you are using Redmine on SaaS or the IT department is managing the Redmine server, it may be difficult to change its configuration to support CORS. In such a case, the Reverse-Proxy server may be an option to support CORS.
If you are on the Pro plan, you can use RedSync Proxy to access the Redmine server without CORS support.