689924 – WKD needs 'Access-Control-Allow-Origin: *' header

Bug 689924 - WKD needs 'Access-Control-Allow-Origin: *' header

Summary: WKD needs 'Access-Control-Allow-Origin: *' header

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Infrastructure
Classification:	Unclassified
Component:	Other (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Infrastructure

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2019-07-15 18:24 UTC by Craig Andrews
Modified:	2020-08-11 07:43 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Craig Andrews gentoo-dev

2019-07-15 18:24:30 UTC

The WKD web server doesn't have the 'Access-Control-Allow-Origin: *' HTTP header set as it (imho) should.

Setting this CORS header allows web based wkd to work, such as openpgp.js (see https://github.com/openpgpjs/openpgpjs/pull/714 for more information)

Reproducible: Always

Steps to Reproduce:
1. Go to https://metacode.biz/openpgp/web-key-directory
2. Enter "candrews@gentoo.org" (or any other @gentoo.org address)
Actual Results:  
Key is not accessible, add 'Access-Control-Allow-Origin: *' header

Expected Results:  
Key is accessible for all browser-based use cases

Comment 1 Robin Johnson archtester

2020-08-07 19:55:54 UTC

done in puppet

Comment 2 Robin Johnson archtester

2020-08-10 23:49:37 UTC

Followed these instructions:
https://www.uriports.com/blog/setting-up-openpgp-web-key-directory/

However they don't seem to actually make the header work?

Comment 3 Michał Górny archtester

2020-08-11 07:43:44 UTC

Fixed now.