Hello,
I set up my LanguageTool server using this docker container GitHub - silvio/docker-languagetool: Dockerfile for LanguageTool .
I tunnel this traffic through an nginx reverse-proxy which encrypts the traffic and exposes it to port 443 on my server. Now, when I add this server as custom server in the firefox extension, it does not work.
Instead, it tries to correct the text for a few seconds before erroring out:
Sorry, something went wrong while checking your text (400)
Hi, can you open that API endpoint with a browser? What does it return? It should look like https://localhost:8081/v2/check?text=foobar&language=en-US with your local value for localhost:8081.
{"software":{"name":"LanguageTool","version":"4.5","buildDate":"2019-03-26 11:37","apiVersion":1,"premium":false,"premiumHint":"You might be missing errors only the Premium version can find. Contact us at support<at>languagetoolplus.com.","status":""},"warnings":{"incompleteResults":false},"language":{"name":"English (US)","code":"en-US","detectedLanguage":{"name":"Danish","code":"da-DK","confidence":0.46113405}},"matches":[]}
That sounds as if the --public --allow-origin '*' parameter was missing (works when called directly, doesn’t work when called from JS). But it’s in the docker’s start.sh. Maybe the reverse proxy messes up the CORS headers or something like that…
On further incpection it seems that something is way off with the extension. When I set add_header "Access-Control-Allow-Origin" *;, then the error message in the dev tools is:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://languagetool.example.com/v2/check?instanceId=84191%3A1565727384820&c=1&v=2.3. (Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘*, *’).
but when i set the header to add_header "Access-Control-Allow-Origin" "*, *"; it prints
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://languagetool.famhahn.xyz/v2/check?instanceId=33111%3A1565727813232&c=1&v=2.3. (Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘*, *, *’).
It seems to expect more *,* then it currently recieves through the header.