[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Adding build status to the package list table
From: |
Roel Janssen |
Subject: |
Re: Adding build status to the package list table |
Date: |
Wed, 03 Feb 2016 11:32:14 +0100 |
User-agent: |
mu4e 0.9.15; emacs 25.1.50.9 |
Ricardo Wurmus writes:
> Ludovic Courtès <address@hidden> writes:
>
>> Roel Janssen <address@hidden> skribis:
>>
>>> We need to add the following line to the response header at
>>> hydra.gnu.org:
>>>
>>> Access-Control-Allow-Origin: "http://www.gnu.org"
>>>
>>> Here's how to do it:
>>> http://enable-cors.org/server_nginx.html
>>>
>>> Which boils down to adding this line to the nginx config:
>>> add_header 'Access-Control-Allow-Origin' 'http://www.gnu.org';
>>
>> OK, I’ve done that for /api requests (with the full URI, that is
>> <https://www.gnu.org/software/guix/packages/> and variants thereof).
>> Now, when clicking on “Expand”, IceCat no longer complains about CORS,
>> but it fails to expands and reports this:
>>
>> Blocked loading mixed active content
>>
>> "http://hydra.gnu.org/api/latestbuilds?nr=1&project=gnu&jobset=master&job=adwaita-icon-theme-3.18.0.x86_64-linux"
>>
>> with a link to:
>>
>> https://developer.mozilla.org/en-US/docs/Security/MixedContent
>
> This is because the current page is encrypted but the content from hydra
> is not. Can we serve hydra.gnu.org/api over HTTPS?
I think that would fix this problem.
However, if I browse explicitly to:
http://gnu.org/software/guix/packages (the insecure version), I get the
following error message:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the
remote resource at
http://hydra.gnu.org/api/latestbuilds?nr=1&project=gnu&jobset=master&job=acme-0.2.0.i686-linux.
(Reason: CORS header 'Access-Control-Allow-Origin' does not match
'https://www.gnu.org/software/guix/packages,
https://www.gnu.org/software/guix/packages/,
https://www.gnu.org/software/guix/packages/index.html,
https://gnu.org/software/guix/packages/,
http://www.gnu.org/software/guix/packages,
http://www.gnu.org/software/guix/packages/,
http://www.gnu.org/software/guix/packages/index.html,
http://gnu.org/software/guix/packages/').
This is because (at least in my browser), the origin is set to
"http://www.gnu.org" instead of the full path. So could you include
"http://www.gnu.org" in the list as well?
Thanks,
Roel