[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cross-Origin Request blocked when browing non-www of packages page a
From: |
Roel Janssen |
Subject: |
Re: Cross-Origin Request blocked when browing non-www of packages page and mixed content |
Date: |
Tue, 03 May 2016 13:30:10 +0200 |
User-agent: |
mu4e 0.9.17; emacs 25.1.50.3 |
Ludovic Courtès writes:
> Hello!
>
> Roel Janssen <address@hidden> skribis:
>
>> I noticed that the build status icons don't work when browing:
>> https://gnu.org/software/guix/packages/ (Notice the lack of 'www.')
>>
>> The reason:
>> CORS header 'Access-Control-Allow-Origin' does not match
>> 'https://www.gnu.org'.
>>
>> So, could we either add 'https://gnu.org' to the Hydra nginx config, or
>> add a redirect to the www-variant on gnu.org?
>
> I don’t know how to fix it: there can be only one CORS header and it
> can contain only one URL. Thoughts?
>
> Regarding www.gnu.org, it’s something to ask address@hidden Would
> you like to email them?
I e-mailed them.
>> Then, we also have the problem of loading mixed content (mixed transportation
>> over HTTP and HTTPS in the same page):
>
> I think it would be worth to try addressing this problem at the GNU
> scale, because this info (logo URLs, descriptions, etc.) is something we
> get from a canonical database of GNU packages; see (guix
> gnu-maintenance) for details.
>
> Could you email address@hidden with a suggestion to host all logos
> somewhere on gnu.org? I think it’d be beneficial not just for Guix.
For this I have to further look into it for the details. I don't have
time for that right now, but when I do find time, I'll have another
look.
Thanks for your time!
Kind regards,
Roel Janssen
- Re: Cross-Origin Request blocked when browing non-www of packages page and mixed content,
Roel Janssen <=