Closed briancripe closed 1 year ago
This issue has been automatically marked as inactive because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
The PR provided for the fix seems like low-hanging fruit to merge with minimal impact risk.
This issue has been automatically marked as inactive because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
@briancripe we've actually taken the decision to decomission the diagnostics page in favour of a new tool> https://github.com/lancachenet/diagnostics/releases/tag/v0.0.2
Describe the issue you are having
Chrome browser now has RFC1918 enabled by default, which introduces preflight requests to private network IPs (to protect users from CSRF attacks). This causes all the requests from the Lancache Litmus Test page to fail due to CORS policy even if Lancache is configured correctly.
Turning off the chrome flag validates that this is what's happening:
chrome://flags/#block-insecure-private-network-requests
The fix should be as easy as adding the corresponding response header to the lancache-heartbeat response:
Access-Control-Allow-Private-Network: true
How are you running the container(s)
Running monolithic docker container with single generic cache.
DNS Configuration
Pi-Hole with generated dnsmasq configs.
Output of container(s)
Everything's all good with core functionality.