Skip to content

GitLab

  • Menu
Projects Groups Snippets
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • allgo allgo
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 82
    • Issues 82
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 12
    • Merge requests 12
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • allgo
  • allgoallgo
  • Issues
  • #119

Closed
Open
Created Apr 11, 2017 by BAIRE Anthony@abaireOwner

understand and fix the CORS config

Original bug (Patrick 07/04/2017):

  • http://gatb-core.gforge.inria.fr/gatb-compiler/gatb-compiler.html?snippet=bank1
  • click Compile & Run

The HTTP response contains duplicated CORS headers:

Access-Control-Allow-Origin: http://gatb-core.gforge.inria.fr
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Expose-Headers: 
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
Vary: Origin
X-Rack-CORS: hit
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

The first group is set by rails (rack-cors gem in config/application.rb) and the second group is set by nginx (deploy/nginxconf).

--> to be audited and cleaned

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking