Skip to content
This repository has been archived by the owner on Mar 25, 2022. It is now read-only.

gateway: open up CORS to everything (allow-origin *) #109

Merged
1 commit merged into from
Nov 26, 2015
Merged

gateway: open up CORS to everything (allow-origin *) #109

1 commit merged into from
Nov 26, 2015

Conversation

ghost
Copy link

@ghost ghost commented Nov 2, 2015

  • needs testing on a gateway node.

gateway: open up CORS to everything (allow-origin *)
cd490f9 
License: MIT
Signed-off-by: Lars Gierth <larsg@systemli.org>
@ghost ghost added the solarnet label Nov 2, 2015
@ghost ghost mentioned this pull request Nov 2, 2015
Closed
47 tasks
@harlantwood
Copy link

Awesome! So the ipfs.io gateway will use this?

jbenet
jbenet reviewed Nov 2, 2015
View reviewed changes
solarnet/roles/ipfs/templates/config.j2
"http://localhost",
"http://localhost:8080",
"http://127.0.0.1",
"http://127.0.0.1:8080"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should only change this for the Gateway, not the API -- actually, this should NOT have the public gateways, and only have the default parameters.

now it relies on one level of isolation: docker not rebinding the port. if it rebinds the port, then the api is usable outside. if port gets exposed to outer host -- docker firewall stopping?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry for the delay here --

we should only change this for the Gateway, not the API

The API headers rules apply to :8080/api, which is a bit inconvenient here -- maybe we should just change that in go-ipfs?

if port gets exposed to outer host -- docker firewall stopping?

No firewalling, I made docker and nginx expose :5001 and :8080 only to 127.0.0.1 and the cjdns VPN

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ooof this api/gateway duality in go-ipfs needs reworking.
On Fri, Nov 20, 2015 at 18:22 Lars Gierth notifications@github.com wrote:

In solarnet/roles/ipfs/templates/config.j2
#109 (comment):

   ]
 }

},
"API": {
"HTTPHeaders": {
"Access-Control-Allow-Origin": [

  •    "https://gateway.ipfs.io",

  •    "https://ipfs.io",

  •    "http://gateway.ipfs.io",

  •    "http://ipfs.io",

  •    "http://h.ipfs.io",

  •    "http://localhost",

  •    "http://localhost:8080",

  •    "http://127.0.0.1",

  •    "http://127.0.0.1:8080"

sorry for the delay here --

we should only change this for the Gateway, not the API

The API headers rules apply to :8080/api, which is a bit inconvenient
here -- maybe we should just change that in go-ipfs?

if port gets exposed to outer host -- docker firewall stopping?

No firewalling, I made docker and nginx expose :5001 and :8080 only to
127.0.0.1 and the cjdns VPN


Reply to this email directly or view it on GitHub
https://github.com/ipfs/infrastructure/pull/109/files#r45539900.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wild guess: ipfs/kubo#2021 might fix this

@ghost ghost mentioned this pull request Nov 3, 2015
Closed
11 tasks
@daviddias daviddias mentioned this pull request Nov 10, 2015
Closed
42 tasks
@ghost ghost mentioned this pull request Nov 16, 2015
Closed
53 tasks
@ghost ghost mentioned this pull request Nov 26, 2015
Closed
42 tasks
ghost pushed a commit that referenced this pull request Nov 26, 2015
Merge pull request #109 from ipfs/open-cors
5f6e0fe 
gateway: open up CORS to everything (allow-origin *)
@ghost ghost merged commit 5f6e0fe into master Nov 26, 2015
@ghost ghost deleted the open-cors branch November 26, 2015 01:55
@ghost
Copy link
Author

ghost commented Nov 26, 2015

@harlantwood could you point me to something that should now work, i.e. with Allow-Origin: *

@harlantwood
Copy link

harlantwood commented Nov 26, 2015 via email

@harlantwood
Copy link

@lgierth looking good:

https://ipfs.io/ipfs/QmV8e64oRKabaPxgZBN8ojpQRovtbQ4E2LgUvGXhFkSqWf :

@ghost
Copy link
Author

ghost commented Dec 1, 2015

cool!

This pull request was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@harlantwood @jbenet