-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
403 Forbidden if origin header not included for JSON authorization_endpoint response #216
Comments
tomlarkworthy
changed the title
403 Forbidden if origin header not included for JSON autheorization_endpoint response
403 Forbidden if origin header not included for JSON authorization_endpoint response
Apr 18, 2021
Someone has had some weird interaction leading to 403 with sinatra before: https://serverfault.com/questions/690540/getting-403-forbidden-w-referer-on-nginxpassenger Seems close to the symptoms though not exactly the same. Pretty sure its this: https://stackoverflow.com/questions/10509774/sinatra-and-rack-protection-setting |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The following is a 403
The following works
Looks like it gets bounced at the nginx level.
Why am I sending a referer header but not an origin header? I am hosting code in a pupeteer instance and when you disable CORS thats how it sends requests (and I don't seem to be able to get rid of the referer header) https://observablehq.com/@endpointservices/serverless-cells
So Chrome B.S. of some sorts. It's not blocking me I can just use the form response instead.
The text was updated successfully, but these errors were encountered: