Closed heinemann closed 2 years ago
craig-br
commented
2 years ago Hi @heinemann . Thanks for bringing this to our attention!
I've tested the lab using this link and it worked. Username: student Password: learn_ansible
I'm looking at the developers.redhat.com site to see what the issue is.
craig-br
commented
2 years ago Seems like its the iframe embedding causing the issue. Safari Version 15.6.1 (17613.3.9.1.16) Developer tools output:
[Error] Blocked a frame with origin "https://gitea-3000-jfcusuniubxy.env.play.instruqt.com/" from accessing a frame with origin "https://play.instruqt.com/". Protocols, domains, and ports must match.
heinemann
commented
2 years ago I test it on two laptops (Windows 10) with firefox and chrome. Same result. [Edit] The direct link work for me to. Thanks for that.
craig-conway
commented
2 years ago We found that the controller itself is not accepting cross origin requests (CORS), breaking login once we embed the instruqt lab, but allowing it to work on the instruqt link its hosted on. We've setup redirects on developers.redhat.com as a workaround, could this be investigated to allow CORS?
craig-br
commented
2 years ago Hi @craig-conway. Unfortunately, there's no supported method to disable CORS security features in controller. The iframe method, however, is causing issues beyond just controller. Here's a different lab that uses VSCode, which doesn't load correctly.
https://developers.redhat.com/learn/get-started-ansible-automation-platform-navigator
Gitea and Jenkins instances we use in our labs also block form submissions via an iframe for security reasons.
Our recommendation is to use the kiosk link for Instruqt labs.
FYI @abenokraitis @cloin
The Credential
doesen't work with Gittea and the Controller. Only with Jenkins is a login possible with these credential.
https://developers.redhat.com/learn/devops-cicd-automation-controller