Closed briancripe closed 1 year ago
stale[bot]
commented
2 years ago This issue has been automatically marked as inactive because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
briancripe
commented
2 years ago The PR provided for the fix seems like low-hanging fruit to merge with minimal impact risk.
stale[bot]
commented
1 year ago This issue has been automatically marked as inactive because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
VibroAxe
commented
1 year ago @briancripe we've actually taken the decision to decomission the diagnostics page in favour of a new tool> https://github.com/lancachenet/diagnostics/releases/tag/v0.0.2
Describe the issue you are having
Chrome browser now has RFC1918 enabled by default, which introduces preflight requests to private network IPs (to protect users from CSRF attacks). This causes all the requests from the Lancache Litmus Test page to fail due to CORS policy even if Lancache is configured correctly.
Turning off the chrome flag validates that this is what's happening:
chrome://flags/#block-insecure-private-network-requestsThe fix should be as easy as adding the corresponding response header to the lancache-heartbeat response:
Access-Control-Allow-Private-Network: trueHow are you running the container(s)
Running monolithic docker container with single generic cache.
DNS Configuration
Pi-Hole with generated dnsmasq configs.
Output of container(s)
Everything's all good with core functionality.