CORS requests not working in SKS 1.1.5
Tankred Hase
mail at tankredhase.de
Fri Dec 11 05:08:11 CET 2015
It seems I just some connection problems yesterday that caused the 502. Thanks to Daniel Roesler to providing help. I’ve implemented initial HKP support to OpenPGP.js. Comments welcome:
https://github.com/openpgpjs/openpgpjs/pull/380
Thanks!
Tankred
> Am 10.12.2015 um 13:28 schrieb Tankred Hase <mail at tankredhase.de>:
>
> Hey,
>
> Tankred from OpenPGP.js / Whiteout.io here. I’m currently testing HTTP CORS request to SKS via JS in the browser after having read the announcement on v1.1.5 (https://lists.gnupg.org/pipermail/gnupg-users/2014-May/049682.html). Unfortunately I’m getting a 502 (Bad Gateway) response. Upon further analysis I saw that only the following header is set:
>
> The Access-Control-Allow-Origin: *
>
> Tested using: https://keyserver.ubuntu.com/pks/lookup?op=get&options=mr&search=safewithme.testuser%40gmail.com
>
> This is indeed a requirement for CORS requests, but not sufficient. Without the following headers, CORS requests from the Browser will fail as an OPTIONS preflight check is required:
>
> Access-Control-Allow-Origin: *
> Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
> 'Access-Control-Allow-Headers‘: Content-Type
>
> You can test how it should look here: https://keys.whiteout.io/safewithme.testuser@gmail.com
>
> Would it be possible to add the headers? It would allow me the remove the need for our proprietary key server proxy and send requests directly to SKS server from the web. Thanks!
>
> Tankred
More information about the Gnupg-users
mailing list