- From: Yves Lafon <ylafon@w3.org>
- Date: Tue, 3 Dec 2019 22:46:27 +0100
- To: Tim Berners-Lee <timbl@w3.org>
- Cc: "sysreq@w3.org Requests" <sysreq@w3.org>, Public TAG List <www-tag@w3.org>, Ruben Verborgh <ruben.verborgh@ugent.be>
Hi Tim,
> On 2 Dec 2019, at 18:19, Tim Berners-Lee <timbl@w3.org> wrote:
>
> We have a problem it seems with CORS for w3.org’s public data.
> It seems
>
>
> Ccing the public TAG list as maybe this will need updfating of tag documents about CORS.
>
>
> A script on localhost:3080 does a fetch to ttp://www.w3.org/1999/02/22-rdf-syntax-ns and is refused by the browser.
> The system cannot respoind to the OPTIONS with a redirect
>
>
>
>
>
> • Request URL: http://www.w3.org/1999/02/22-rdf-syntax-ns
> • Request Method: OPTIONS
> • Status Code: 307 Internal Redirect
> • Referrer Policy: no-referrer-when-downgrade
> • Response Headers
> • Access-Control-Allow-Credentials: true
> • Access-Control-Allow-Origin: http://localhost:3080
> • Location: https://www.w3.org/1999/02/22-rdf-syntax-ns
> • Non-Authoritative-Reason: HSTS
> • Request Headers
> • Provisional headers are shown
> • Referer: http://localhost:3080/devel/github.com/solid/form-playground/playground.html
> • User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
It would be good to have the exact request, as I tried to do an OPTIONS on http://www.w3.org/1999/02/22-rdf-syntax-ns and no redirect was involved.
> Access to fetch at 'http://www.w3.org/1999/02/22-rdf-syntax-ns' from origin 'http://localhost:3080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
I would note the
> • Status Code: 307 Internal Redirect
...
> • Non-Authoritative-Reason: HSTS
Did a request actually reach the network?
--
Baroula que barouleras, au tiéu toujou t'entourneras.
~~Yves
Received on Tuesday, 3 December 2019 21:46:32 UTC