Cross-Origin Request blocked when browing non-www of packages page and m

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cross-Origin Request blocked when browing non-www of packages page and m

From:	Roel Janssen
Subject:	Cross-Origin Request blocked when browing non-www of packages page and mixed content
Date:	Wed, 20 Apr 2016 10:29:52 +0200
User-agent:	mu4e 0.9.17; emacs 25.1.50.1

0001-website-packages-Serve-package-logos-locally.patch
Description: Text Data

Dear list,

I noticed that the build status icons don't work when browing:
  https://gnu.org/software/guix/packages/ (Notice the lack of 'www.')

The reason:
CORS header 'Access-Control-Allow-Origin' does not match
'https://www.gnu.org'.

So, could we either add 'https://gnu.org' to the Hydra nginx config, or
add a redirect to the www-variant on gnu.org?

Then, we also have the problem of loading mixed content (mixed transportation
over HTTP and HTTPS in the same page):
  Loading mixed (insecure) display content 
"http://planet.bazaar-vcs.org/images/logo.png"; on a secure page
  Loading mixed (insecure) display content 
"http://planet.bazaar.canonical.com/images/logo.png"; on a secure page
  Loading mixed (insecure) display content 
"http://www.gimp.org/images/wilber_the_gimp.png"; on a secure page
  Loading mixed (insecure) display content 
"http://www.gnome.org/wp-content/themes/gnome-grass/images/gnome-logo.png"; on a 
secure page
  Loading mixed (insecure) display content 
"https://www.gnome.org//wp-content/themes/gnome-grass/images/gnome-logo.png"; on 
a secure page
  Loading mixed (insecure) display content 
"http://www.gnucash.org/images/banner5.png"; on a secure page
  Loading mixed (insecure) display content 
"http://www.smalltalk.org/images/balloon2.gif"; on a secure page
  Loading mixed (insecure) display content 
"http://www.solfege.org/static/logo.png"; on a secure page
  Loading mixed (insecure) display content "http://www.mpfr.org/mpfr500.png"; on 
a secure page
  Loading mixed (insecure) display content "http://www.r-project.org/Rlogo.jpg"; 
on a secure page
  Loading mixed (insecure) display content 
"https://www.r-project.org/Rlogo.jpg"; on a secure page
  Loading mixed (insecure) display content 
"http://www.gnu.org/software/recutils/logo.png"; on a secure page
  Loading mixed (insecure) display content 
"http://www.speex.org/images/logos/parrot_speex_org-3.png"; on a secure page
  Loading mixed (insecure) display content "http://www.solfege.org/"; on a 
secure page

I suggest we host those images on our own server (gnu.org).  The
attached patch (for the guix-artwork repository) does this.

Thanks!

Kind regards,
Roel Janssen

[Prev in Thread]

Current Thread

[Next in Thread]

Cross-Origin Request blocked when browing non-www of packages page and mixed content, Roel Janssen <=
- Re: Cross-Origin Request blocked when browing non-www of packages page and mixed content, Ludovic Courtès, 2016/04/27

Prev by Date: Re: Reorganizing guix package commands
Next by Date: Re: Reorganizing guix package commands
Previous by thread: [PATCH 1/2] gnu: bitlbee: Update to 3.4.2.
Next by thread: Re: Cross-Origin Request blocked when browing non-www of packages page and mixed content
Index(es):
- Date
- Thread