CORS Issue with Ollama and Zrok Proxy using Caddy on Flutter Web

Hello everyone,

I'm running into a CORS issue with my setup using Ollama for LLM processing, a Zrok proxy, and Caddy as the server. I'm building a Flutter Web app and using the ollama_dart: ^0.2.0 package to make API calls.

Here is my Caddyfile:

# Global config must be first
{
    # No listen on 2019/tcp with admin API
    admin off
    debug
}

(cors) {
  @cors_preflight method OPTIONS
  @cors header Origin {args.0}

  handle @cors_preflight {
    header Access-Control-Allow-Origin "{args.0}"
    header Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE"
    header Access-Control-Allow-Headers "Content-Type"
    header Access-Control-Max-Age "3600"
    respond "" 204
  }

  handle @cors {
    header Access-Control-Allow-Origin "{args.0}"
    header Access-Control-Expose-Headers "Link"
  }
}

# zrok site block
http:// {
    bind {{ .ZrokBindAddress }}
    import cors *
    reverse_proxy 127.0.0.1:11434 {
        header_up Host localhost:11434
    }
}

However, I'm seeing this CORS error in the browser:

Access to fetch at 'https://myzroketoken.share.zrok.io/api/chat' from origin 'http://localhost:49793' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

The preflight request details are as follows:

• Request URL: https://myzroketoken.share.zrok.io/api/chat
• Request Method: OPTIONS
• Status Code: 200 OK
• Access-Control-Request-Headers: content-type,skip_zrok_interstitial
• Access-Control-Request-Method: POST
• Origin: http://localhost:49793

I've been trying to adjust the Caddyfile configuration to handle CORS properly, but I keep hitting this issue. Any advice on resolving this? Am I missing something in my CORS setup with Caddy or Zrok?

Thanks in advance!

Hi @gss214, welcome to the community and to zrok (and OpenZiti/BrowZer)!

The skip_interstitial handling i think was updated recently. What version of zrok are you using? CORS Issues with zrok - #8 by michael.quigley

Hi, I'm using version v0.4.39, I'll try to update here and bring an update

I updated to version v0.4.4 2 [ef1795f1], I used the reserve command to restart the proxy but the CORS error persists

This issue will be resolved when v0.4.43 is promoted to production. Production is currently at v0.4.42.

$ curl https://api.zrok.io/api/v1/version
"v0.4.42 [ef1795f1]"

Ahhh, I see, thanks. When will version 0.4.43 go to production?

Just an update, I updated to version v0.4.44 [c527340c] and I still have the cors error ):

Edit: I have already put skip_zrok interstitial in the header of every request. My flutter client looks like this:

client = ollama.OllamaClient(
        baseUrl: 'https://$zrokToken.share.zrok.io/api',
        headers: {'skip_zrok_interstitial': '1'},
      )