MozillaZine

(Resolved) Selectively enable CORS only for trusted site?

User Help for Mozilla Firefox
xmontero
 
Posts: 28
Joined: April 1st, 2004, 4:18 am

Post Posted April 29th, 2020, 2:16 am

Hello!

We all agree CORS protects us. But playing with docker, in a devel environment, within a LAN, there's the following setup:

192.168.3.11:9999 = FRONT => A frontend for administrating a docker registry (web/html)
192.168.3.22:5000 = API => The docker registry (API)

The javascript in the FRONT calls the API. Naturally, CORS fails.

We don't want to add allowance headers in the docker registry as the docker registry even does not know there's a client "there". It serves "all clients".

This is a LAN inside our office and we control that all clients are Firefox. I know that I could completely disable CORS but I don't want that; that would unprotect us when browsing normally.

Question

Is there a way to tell Firefox "hey, permit CORS just for the 192.168.3.11:9999 <=> 192.168.3.22:5000 crossover, but keep the rest protected under CORS restrictions?
Last edited by DanRaisch on April 29th, 2020, 6:44 am, edited 1 time in total.
Reason: Resolved added to subject per OP's report.

xmontero
 
Posts: 28
Joined: April 1st, 2004, 4:18 am

Post Posted April 29th, 2020, 3:04 am

I answer myself. The solution is the addon "CORS Everywhere" https://addons.mozilla.org/es/firefox/a ... src=search

I say here how I configured it for this setup: https://github.com/Joxit/docker-registr ... -621104846

Return to Firefox Support


Who is online

Users browsing this forum: Google [Bot] and 9 guests