Closed hdevalence closed 7 months ago
Try again. I've implemented CORS headers on the grpc service for testnet, but not (yet) for preview:
❯ curl -I https://grpc.testnet.penumbra.zone
HTTP/2 200
access-control-allow-credentials: true
access-control-allow-headers: accept,x-grpc-web,x-user-agent,content-type,user-agent
access-control-allow-origin: https://buf.build
content-type: application/grpc
date: Fri, 03 Nov 2023 22:50:43 GMT
grpc-status: 12
content-length: 0
❯ curl -I https://grpc.testnet-preview.penumbra.zone
HTTP/2 200
content-type: application/grpc
date: Fri, 03 Nov 2023 22:50:46 GMT
grpc-status: 12
content-length: 0
You should therefore be able to use Buf Studio with the testnet grpc, but not with preview grpc. Can you confirm? Once the CORS config is solid, I'll add a PR to this repo to make sure it's always added, so it'll stick around, even on preview re-deploys.
Initial report shows working in Safari. I'm leaving this issue open as a reminder to update preview to match.
Headers are serving:
❯ curl -I https://grpc.testnet.penumbra.zone
HTTP/2 200
access-control-allow-headers: accept,x-grpc-web,x-user-agent,content-type,user-agent
access-control-allow-origin: https://buf.build
content-type: application/grpc
date: Mon, 06 Nov 2023 22:35:23 GMT
grpc-status: 12
content-length: 0
❯ curl -I https://grpc.testnet-preview.penumbra.zone
HTTP/2 200
access-control-allow-headers: accept,x-grpc-web,x-user-agent,content-type,user-agent
access-control-allow-origin: https://buf.build
content-type: application/grpc
date: Mon, 06 Nov 2023 22:35:26 GMT
grpc-status: 12
content-length: 0
via automatic deploy in https://github.com/penumbra-zone/penumbra/actions/runs/6777204344
We don't want to special-case Buf Studio, we want GRPC to work from arbitrary web contexts.
Ah, I misunderstood. In that case, we'll want:
access-control-allow-origin: *
access-control-allow-methods: *
Which seems to have decent support cross-browser.
This is still broken. Steps to reproduce:
pd testnet join
pd start --home ...
& cometbft start --home ...
We can't fix this by special casing for Buf studio specifically or for the testnet infrastructure Penumbra Labs happens to run. The node software has to work out of the box.
OK, we should be good to go here. I've added CORS support inside pd
, and removed the RP middleware. When running locally, I'm able to use Buf Studio against http://localhost:8080
just fine, although for the SimulateTrade RPC to work, I have to provide --enable-expensive-rpc
to pd start
. I'm also able to run the same against https://grpc.testnet-preview.penumbra.zone
, so I'm closing this issue, but don't hesitate to reopen if I've missed something.
Describe the bug
CORS issues prevent Buf studio from making requests to the GRPC endpoints.
To Reproduce
https://buf.build/studio/penumbra-zone/penumbra/main/penumbra.core.component.shielded_pool.v1alpha1.QueryService/DenomMetadataById?target=https%3A%2F%2Fgrpc.testnet.penumbra.zone&selectedProtocol=grpc-web&share=swqq5lJQUEosLk4t8UxRslIAcYECmXl5qUVArpJHuJFroXFoVFiwU0lJfmh5aKa%2Bb2iJq3lRkVFoqLl%2BqIepgUFSZYG5v2OyrRJQby1XLQA
Fails in Firefox and iOS safari
Expected behavior
Making requests should just work