CORS issue for Hunger Games with the OCRs since last week

openfoodfacts / openfoodfacts-infrastructure

Where we collaboratively plan and maintain the infrastructure of Open Food Facts

3 stars 6 forks source link

CORS issue for Hunger Games with the OCRs since last week #39

Open teolemon opened 3 years ago

teolemon commented 3 years ago

Hi, did you modified the CORS policy of the static server last week ? I get CORS issues when asking for the OCR json files. Bellow an example. The file exist because, but it returns CORS error when fetched by JS script https://static.openfoodfacts.org/images/products//871/548/600/1008/1.json

alexfauquette commented 3 years ago

If you want to test it live, you can go here :

https://deploy-preview-196--gifted-lalande-686eef.netlify.app/nutritionComputer

The app try to get an OCR, due to CORS it fails and so try to fetch the next product, which will fail too, etc...

cquest commented 3 years ago

I fixed the CORS issue that I think I have introduced while testing/setting images.openfoodfacts.org

CharlesNepote commented 3 years ago

@cquest I remember we try to publish the nginx conf in https://github.com/openfoodfacts/openfoodfacts-server/tree/main/conf/nginx/sites-available

Maybe it's not the right place, but we should publish nginx conf to:

enhance team knowledge
allow to diff each change with previous versions
ease debugging
backup it
etc.

alexfauquette commented 3 years ago

@cquest I have another question about CORS

I'm still in robotoff front-end, and I want to check if user's session is valid.

To do so I would need that the API route https://world.openfoodfacts.org/cgi/auth.pl returns a header with Access-Control-Allow-Credentials set to true for requests coming from hunger.openfoodfacts.org

Do you think this is ok or did there is some danger I do not know about to do that?