Page MenuHomePhabricator
Differential D7249

[keyserver] Allow localhost CORS origin in development
ClosedPublic
Actions

Authored by bartek on Mar 30 2023, 5:06 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Nov 8, 12:29 AM
Unknown Object (File)
Fri, Nov 8, 12:29 AM
Unknown Object (File)
Fri, Nov 8, 12:29 AM
Unknown Object (File)
Thu, Nov 7, 11:58 PM
Unknown Object (File)
Thu, Nov 7, 8:05 PM
Unknown Object (File)
Mon, Nov 4, 12:12 PM
Unknown Object (File)
Mon, Nov 4, 12:12 PM
Unknown Object (File)
Mon, Nov 4, 12:12 PM
View All Files
Subscribers
tomek

Details

Reviewers
atul
ashoat
Commits
rCOMM9f57d81b4aed: [keyserver] Allow localhost CORS origin in development
Summary

When developing web in localhost, I'm running http://localhost:3000/comm in browser, but the web app reaches keyserver using IP address: http://xx.xx.xx.xx:3000 so e.g. uploaded media are fetched with the following URI: http://IP_ADDR:3000/comm/upload/86797/7f9059dc4458e215

This works for <img src="uri"> but not for fetch() (used for encrypted media) where it fails with CORS error: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin http://localhost:3000 is therefore not allowed access.

Added CORS header for development only that adds localhost to allowed origins. This affects only the upload endpoint.

This shouldn't affect production, as it is the same origin: web.comm.app

Test Plan

CORS requests no longer fail when downloading resources using fetch()

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
keyserver/
src/
uploads/
14 lines

Diff 24421

View Options

keyserver/src/uploads/uploads.js

Loading...