guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cross-Origin Request blocked when browing non-www of packages page a

From: Ludovic Courtès
Subject: Re: Cross-Origin Request blocked when browing non-www of packages page and mixed content
Date: Wed, 27 Apr 2016 16:37:47 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) 
Hello!

Roel Janssen <address@hidden> skribis:

> I noticed that the build status icons don't work when browing:
>   https://gnu.org/software/guix/packages/ (Notice the lack of 'www.')
>
> The reason:
> CORS header 'Access-Control-Allow-Origin' does not match
> 'https://www.gnu.org'.
>
> So, could we either add 'https://gnu.org' to the Hydra nginx config, or
> add a redirect to the www-variant on gnu.org?

I don’t know how to fix it: there can be only one CORS header and it
can contain only one URL.  Thoughts?

Regarding www.gnu.org, it’s something to ask address@hidden  Would
you like to email them?

> Then, we also have the problem of loading mixed content (mixed transportation
> over HTTP and HTTPS in the same page):

I think it would be worth to try addressing this problem at the GNU
scale, because this info (logo URLs, descriptions, etc.) is something we
get from a canonical database of GNU packages; see (guix
gnu-maintenance) for details.

Could you email address@hidden with a suggestion to host all logos
somewhere on gnu.org?  I think it’d be beneficial not just for Guix.

Thanks!

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]