x-faro-session-id header for faro receiver giving CORS error

[navya-zs]

Hi ,
I am using grafana agent to monitor the logs but facing the below error while I am initialising faro

Access to fetch at 'http://localhost:12345/collect' from origin 'http://localhost:8000/’ has been blocked by CORS policy: Request header field x-faro-session-id is not allowed by Access-Control-Allow-Headers in preflight response.

Steps to reproduce

• Run latest version of Grafana Agent
• Run latest version of Grafana Faro Web SDK

Latest release v0.38.1 says,
Bugfixes:
Permit X-Faro-Session-ID header in CORS requests for the faro.receiver
component (flow mode) and the app_agent_receiver integration (static mode).

Though I have upgraded the agent version to v0.38.1 and restarted the agent I am still facing the same error

Currently I am using,

grafana-agent static mode
faro-web-sdk version: v1.3.5
Grafana-agent version: v0.38.1

Any idea what is the issue ? What am I missing?

[rfratto]

Can you share your config?

[navya-zs]

This is my grafana agent config

server:
  log_level: debug
metrics:
  wal_directory: /tmp/wal
  global: {}
  configs:
    - name: default
      remote_write:
        - url: http://localhost:5001/api/v1/push
          headers:
            x-org-api-key: 8c2b26fd-5e8e-4cb6-816d-25999ce3543e
logs:
  positions_directory: /tmp/loki-pos
  configs:
    - name: default
      clients:
        - url: http://localhost:8000/farologs
          tenant_id: 8c2b26fd-5e8e-4cb6-816d-25999ce3543e
traces:
  configs:
    - name: default
      batch:
      receivers:
        otlp:
          protocols:
            grpc: 
      remote_write:
        - endpoint: localhost:55680
          insecure: true
integrations:
  app_agent_receiver_configs:
    - autoscrape:
        enable: true
        metrics_instance: 'default'
      instance: 'frontend'
      logs_instance: 'default'
      server:
        host: 0.0.0.0
        port: 12345
        cors_allowed_origins: 
          - '*'
      logs_labels: 
        app: frontend 
        kind: # value will be taken from log items. exception, log, measurement, etc
        page_url:
        app_name:
      logs_send_timeout: 5000
      sourcemaps:
        download: true

[navya-zs]

updated faro-web-sdk version to v1.7.0
Grafana-agent version: v0.38.1

still i could see the same error
Access to fetch at 'https://abcd.com/collect' from origin 'http://localhost:3000/' has been blocked by CORS policy: Request header field x-faro-session-id is not allowed by Access-Control-Allow-Headers in preflight response.

Am I missing anything here ? Any idea what is the issue ? @rfratto

[titaneric]

Have you adopted ingress controller like traefik when sending telemetry data to grafana agent? You may need to configure CORS at ingress side

[navya-zs]

We use ingress controller ngnix and we have the below configs set

nginx.ingress.kubernetes.io/cors-allow-origin: "*"
nginx.ingress.kubernetes.io/cors-allow-headers: "* , x-faro-session-id"

[navya-zs]

Is there any other configurations that need to be configured other than these ?

[navya-zs]

@titaneric @rfratto
anything I am missing here ?

[sudonitt018]

hello, were you able to resolve the issue? I am also facing the same error and setup is pretty much similar to yours.

grafana_agent version: 0.41.1
faro sdk: 1.7.2

we also use ingress controller and we have the same annotations but still no luck.

[roverdevest]

@navya-zs @sudonitt018 there seem to be an open MR for nginx ingress controller to allow wildcards kubernetes/ingress-nginx#11655

explicitly defining the headers seem to work here.

nginx.ingress.kubernetes.io/cors-allow-headers: "DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,x-faro-session-id,x-api-key"