CORS requests not working in SKS 1.1.5
mail at tankredhase.de
Thu Dec 10 07:28:34 CET 2015
Tankred from OpenPGP.js / Whiteout.io here. I’m currently testing HTTP CORS request to SKS via JS in the browser after having read the announcement on v1.1.5 (https://lists.gnupg.org/pipermail/gnupg-users/2014-May/049682.html). Unfortunately I’m getting a 502 (Bad Gateway) response. Upon further analysis I saw that only the following header is set:
The Access-Control-Allow-Origin: *
Tested using: https://keyserver.ubuntu.com/pks/lookup?op=get&options=mr&search=safewithme.testuser%40gmail.com
This is indeed a requirement for CORS requests, but not sufficient. Without the following headers, CORS requests from the Browser will fail as an OPTIONS preflight check is required:
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
You can test how it should look here: https://firstname.lastname@example.org
Would it be possible to add the headers? It would allow me the remove the need for our proprietary key server proxy and send requests directly to SKS server from the web. Thanks!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Gnupg-users