Skip to content
This repository has been archived by the owner on Sep 3, 2024. It is now read-only.

OPTIONS for /.well-known/webcrypto-socket missing required CORS header #346

Closed
WorldThirteen opened this issue Jul 21, 2020 · 5 comments
Closed

OPTIONS for /.well-known/webcrypto-socket missing required CORS header #346

WorldThirteen opened this issue Jul 21, 2020 · 5 comments
Labels
bug

Comments

@WorldThirteen
Copy link
Collaborator

Request: OPTIONS https://127.0.0.1:31337/.well-known/webcrypto-socket doesn't contain 'Access-Control-Allow-Origin': '*' header, while GET for https://127.0.0.1:31337/.well-known/webcrypto-socket does.

This leads to a case when the web app couldn't connect to Fortify.

Since there is a case when a browser will send an OPTIONS preflight request even for GET request, it is required to have such a response header for OPTIONS request too.
@microshine
Copy link
Collaborator

What browser does throw that exception (and version)?

@donskov
Copy link
Collaborator

donskov commented Jul 22, 2020

Chrome 84

@donskov
Copy link
Collaborator

donskov commented Jul 22, 2020

@microshine You can call fetch for catch the error:

fetch('https://127.0.0.1:31337/.well-known/webcrypto-socket', { method: 'OPTIONS' })

@microshine
Copy link
Collaborator

https://github.com/PeculiarVentures/fortify/releases/tag/v1.3.6

@WorldThirteen
Copy link
Collaborator Author

Fixed in 1.3.6.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@microshine @donskov @WorldThirteen