Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

e2e: use explicit values for Access-Control-Allow-Origin #1130

Open
galargh opened this issue Jan 17, 2023 · 1 comment
Open

e2e: use explicit values for Access-Control-Allow-Origin #1130

galargh opened this issue Jan 17, 2023 · 1 comment
Labels
effort/hours Estimated to take one or several hours exp/beginner Can be confidently tackled by newcomers kind/maintenance Work required to avoid breaking changes or harm to project's status quo P3 Low: Not priority right now status/ready Ready to be worked topic/ci Continuous integration

Comments

@galargh
Copy link
Contributor

galargh commented Jan 17, 2023

Currently, we use Access-Control-Allow-Origin: ["*"] in our E2E setup. As raised #1121 (comment), we could try to be more explicit with access control.

See #1121 (comment) for prior attempts description.
@galargh galargh added the need/triage Needs initial labeling and prioritization label Jan 17, 2023
@galargh galargh mentioned this issue Jan 17, 2023
Merged
9 tasks
@ipfs ipfs deleted a comment from welcome bot Jan 17, 2023
@SgtPooki SgtPooki added kind/maintenance Work required to avoid breaking changes or harm to project's status quo P3 Low: Not priority right now status/ready Ready to be worked exp/beginner Can be confidently tackled by newcomers effort/hours Estimated to take one or several hours topic/ci Continuous integration and removed need/triage Needs initial labeling and prioritization labels Feb 4, 2023
@lidel
Copy link
Member

lidel commented Feb 22, 2023
edited
Loading

Sorry for naive question if this was discussed before, but why do we need these CORS headers at all?

Companion should work without asking user to set any special headers, and out e2e tests should validate that it works "out-of-the-box" with IPFS Desktop.

Can we remove explicit values for Access-Control-Allow-Origin, so we test real world use of RPC port?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
effort/hours Estimated to take one or several hours exp/beginner Can be confidently tackled by newcomers kind/maintenance Work required to avoid breaking changes or harm to project's status quo P3 Low: Not priority right now status/ready Ready to be worked topic/ci Continuous integration
Projects
No open projects
IPFS-GUI (PL EngRes)
Status: Planned / Backlog
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lidel @SgtPooki @galargh