search

vechain / thor

A general purpose blockchain highly compatible with Ethereum's ecosystem
GNU Lesser General Public License v3.0
800 stars 247 forks source link

CORS is broken in 1.0.2 #145

Closed molekilla closed 6 years ago

molekilla commented 6 years ago

Hi there,

Please notice that this is an issue tracker reserved for bug reports and feature requests.

For general questions please use the gitter channel.

OS Version:

Centos Linux / Docker

Commit hash : (if develop)

Expected behavior

Migrating to Thor Docker v1.0.2 should not break CORS

Actual behavior

Chrome returns

Failed to load https://test.local/events?address=0x7ca903d8f7a9ae6c79c6825c1382157b7df5e003&order=ASC: The 'Access-Control-Allow-Origin' header contains multiple values 'http://localhost:3100, *', but only one is allowed. Origin 'http://localhost:3100' is therefore not allowed access.

Steps to reproduce the behavior

Run Docker with

---
    name: thor-test
    image: vechain/thor:v1.0.2
    command: --verbosity 5 --network test --api-addr=0.0.0.0:8669 --api-cors "http://localhost:3100"
    state: started
    ports:
    - "0.0.0.0:8669:8669"
    - "11235:11235/udp"
    - "11235:11235"
    volumes:
    - /opt/vechain/test/.org.vechain.thor:/root/.org.vechain.thor
qianbin commented 6 years ago

@molekilla I guess there's some proxy touches the response header, and appends * to Access-Control-Allow-Origin.

molekilla commented 6 years ago

Without CORS in proxy and previous version I get

Failed to load https://thor.test.bet/accounts/....?revision=best: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3100' is therefore not allowed access.

Without CORS in proxy and thor v1.0.2, works!