CORS requests not working in SKS 1.1.5

Tankred Hase mail at
Thu Dec 10 07:28:34 CET 2015


Tankred from OpenPGP.js / here. I’m currently testing HTTP CORS request to SKS via JS in the browser after having read the announcement on v1.1.5 ( Unfortunately I’m getting a 502 (Bad Gateway) response. Upon further analysis I saw that only the following header is set:

The Access-Control-Allow-Origin: *

Tested using:

This is indeed a requirement for CORS requests, but not sufficient. Without the following headers, CORS requests from the Browser will fail as an OPTIONS preflight check is required:

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
'Access-Control-Allow-Headers‘: Content-Type

You can test how it should look here:

Would it be possible to add the headers? It would allow me the remove the need for our proprietary key server proxy and send requests directly to SKS server from the web. Thanks!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: </pipermail/attachments/20151210/99d14b17/attachment.sig>

More information about the Gnupg-users mailing list