Anyone have issues with multiple accept origin hea...
# announcementse
enough-camera-24490
08/29/2022, 7:18 PMAnyone have issues with multiple accept origin headers being sent from a self hosted solution
f
fresh-football-47124
08/29/2022, 7:19 PM
Hi Grant, what is your APP_ORIGIN setting?
fresh-football-47124
08/29/2022, 7:19 PM
you can also set the environment variable: CORS_ORIGIN_REGEX
e
enough-camera-24490
08/29/2022, 7:22 PMI'm going to have to wait for my coworker to get back to me with access credentials to the server. I will reply tomorrow.
f
fresh-football-47124
08/29/2022, 7:22 PM
okay!
e
enough-camera-24490
08/29/2022, 7:22 PMThank you so much for the quick response. I really appreciate it
enough-camera-24490
08/29/2022, 10:14 PM@fresh-football-47124 APP_ORIGIN: https://growthbook.fm.co:3000
enough-camera-24490
08/29/2022, 10:18 PMAnd I get two response headers for Access-Control-Allow-Origin
enough-camera-24490
08/30/2022, 5:21 PM@fresh-football-47124 I don't see the CORS_ORIGIN_REGEX variable in the docs. What would this do for me in this situation?
f
fresh-football-47124
08/30/2022, 5:22 PM
well, depends a bit on where the other header is coming from
fresh-football-47124
08/30/2022, 5:22 PM
are you running self hosted growthbook in docker?
fresh-football-47124
08/30/2022, 5:25 PM
the CORS_ORIGIN_REGEX is added to the APP_ORIGIN when determining the CORS headers
fresh-football-47124
08/30/2022, 5:25 PM
but it should be a comma separated list, not two headers.
e
enough-camera-24490
08/30/2022, 5:55 PMSelf hosted in docker
enough-camera-24490
08/30/2022, 5:55 PMAPP_ORIGIN is https://growthbook.fm.co:3000
But its also sending an origin header of '*' which is confusing
141 Views