[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cross-Origin Request blocked when browing non-www of packages page a
From: |
Ludovic Courtès |
Subject: |
Re: Cross-Origin Request blocked when browing non-www of packages page and mixed content |
Date: |
Wed, 27 Apr 2016 16:37:47 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Hello!
Roel Janssen <address@hidden> skribis:
> I noticed that the build status icons don't work when browing:
> https://gnu.org/software/guix/packages/ (Notice the lack of 'www.')
>
> The reason:
> CORS header 'Access-Control-Allow-Origin' does not match
> 'https://www.gnu.org'.
>
> So, could we either add 'https://gnu.org' to the Hydra nginx config, or
> add a redirect to the www-variant on gnu.org?
I don’t know how to fix it: there can be only one CORS header and it
can contain only one URL. Thoughts?
Regarding www.gnu.org, it’s something to ask address@hidden Would
you like to email them?
> Then, we also have the problem of loading mixed content (mixed transportation
> over HTTP and HTTPS in the same page):
I think it would be worth to try addressing this problem at the GNU
scale, because this info (logo URLs, descriptions, etc.) is something we
get from a canonical database of GNU packages; see (guix
gnu-maintenance) for details.
Could you email address@hidden with a suggestion to host all logos
somewhere on gnu.org? I think it’d be beneficial not just for Guix.
Thanks!
Ludo’.