Closed SgtPooki closed 4 months ago
Also fails when I return:
Access-Control-Expose-Headers: Location,Content-Range
Access-Control-Expose-Headers: Location, Content-Range
allow-methods is also failing: Error: Header 'Access-Control-Allow-Methods' expected to find 'GET' in '[GET, PUT, PATCH, POST, DELETE, OPTIONS]'
Also, the CORS tests seem to be requesting preflight headers on non-preflight requests, so I had to disable some things in @fastify/cors at https://github.com/fastify/fastify-cors/blob/ec470fcc810b386d90abef47cd55f281d0d7bc2d/index.js#L178-L201
Nice catch; this is caused by https://github.com/ipfs/gateway-conformance/issues/21
FWIW, with helia being the first gateway not based on the go stack, you might hit other issues related to universality: https://github.com/ipfs/gateway-conformance/issues/121.
FYI i've got conformance tests running in verified-fetch now (see https://github.com/ipfs/helia-verified-fetch/pull/67) and this is still occurring.
cc @lidel @hacdias
=== RUN TestCors/GET_Responses_from_Gateway_should_include_CORS_headers_allowing_JS_from_other_origins_to_read_the_data_cross-origin./Header_Access-Control-Allow-Headers
run.go:53:
Name: GET Responses from Gateway should include CORS headers allowing JS from other origins to read the data cross-origin.
Hint:
Error: Header 'Access-Control-Allow-Headers' expected to find 'Content-Type' in '[Content-Type, Range, User-Agent, X-Requested-With]'
Expected Request:
{
"method": "GET",
"path": "/ipfs/bafkqabtimvwgy3yk/"
}
Actual Request:
GET /ipfs/bafkqabtimvwgy3yk/ HTTP/1.1
Host: host.docker.internal:3442
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip
Expected Response:
{
"headers": [
{
"key": "Access-Control-Allow-Origin",
"check": {}
},
{
"key": "Access-Control-Allow-Methods",
"check": {}
},
{
"key": "Access-Control-Allow-Headers",
"check": {}
},
{
"key": "Access-Control-Expose-Headers",
"check": {}
}
]
}
Actual Response:
HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Range, User-Agent, X-Requested-With
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=29030400, immutable
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Apr 2024 23:47:29 GMT
Etag: "bafkqabtimvwgy3yk"
Keep-Alive: timeout=5
X-Ipfs-Path: /ipfs/bafkqabtimvwgy3yk
server is responding with content-range but test fails.
see:
Error: Header 'Access-Control-Expose-Headers' expected to find 'Content-Range' in '[Location, Content-Range]'
Full output of test run
``` Running tool: /Users/sgtpooki/.asdf/installs/golang/1.20.6/go/bin/go test -timeout 30s -run ^TestCors/GET_Responses_from_Gateway_should_include_CORS_headers_allowing_JS_from_other_origins_to_read_the_data_cross-origin./Header_Access-Control-Expose-Headers$ github.com/ipfs/gateway-conformance/tests 2023-12-05T11:46:26.255-0800 DEBUG conformance test/config.go:50 GatewayURL: http://127.0.0.1:8090 2023-12-05T11:46:26.256-0800 DEBUG conformance test/config.go:52 SubdomainGatewayURL: helia-http-gateway.localhost 2023-12-05T11:46:26.256-0800 DEBUG conformance test/config.go:53 SubdomainGatewayHost: 2023-12-05T11:46:26.256-0800 DEBUG conformance test/config.go:54 SubdomainGatewayScheme: === RUN TestCors /Users/sgtpooki/code/work/protocol.ai/ipfs/gateway-conformance/tests/path_gateway_cors_test.go:12: --- META: {"group":"CORS"} === RUN TestCors/GET_Responses_from_Gateway_should_include_CORS_headers_allowing_JS_from_other_origins_to_read_the_data_cross-origin. 2023-12-05T11:46:26.257-0800 DEBUG conformance test/run.go:101 Querying http://127.0.0.1:8090/ipfs/bafkqabtimvwgy3yk/ === RUN TestCors/GET_Responses_from_Gateway_should_include_CORS_headers_allowing_JS_from_other_origins_to_read_the_data_cross-origin./Header_Access-Control-Expose-Headers /Users/sgtpooki/code/work/protocol.ai/ipfs/gateway-conformance/tests/run.go:53: Name: GET Responses from Gateway should include CORS headers allowing JS from other origins to read the data cross-origin. Hint: Error: Header 'Access-Control-Expose-Headers' expected to find 'Content-Range' in '[Location, Content-Range]' Expected Request: { "method": "GET", "path": "/ipfs/bafkqabtimvwgy3yk/" } Actual Request: GET /ipfs/bafkqabtimvwgy3yk/ HTTP/1.1 Host: 127.0.0.1:8090 User-Agent: Go-http-client/1.1 Accept-Encoding: gzip Expected Response: { "headers": [ { "key": "Access-Control-Allow-Origin", "check": {} }, { "key": "Access-Control-Allow-Methods", "check": {} }, { "key": "Access-Control-Allow-Headers", "check": {} }, { "key": "Access-Control-Expose-Headers", "check": {} } ] } Actual Response: HTTP/1.1 301 Moved Permanently Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Location, Content-Range Connection: keep-alive Date: Tue, 05 Dec 2023 19:46:26 GMT Keep-Alive: timeout=72 Location: //bafkqabtimvwgy3yk.ipfs.127.0.0.1:8090/ Vary: Origin Content-Length: 0 --- FAIL: TestCors/GET_Responses_from_Gateway_should_include_CORS_headers_allowing_JS_from_other_origins_to_read_the_data_cross-origin./Header_Access-Control-Expose-Headers (0.00s) --- FAIL: TestCors/GET_Responses_from_Gateway_should_include_CORS_headers_allowing_JS_from_other_origins_to_read_the_data_cross-origin. (0.00s) --- FAIL: TestCors (0.00s) FAIL FAIL github.com/ipfs/gateway-conformance/tests 0.154s ```