SDK-Testnet CORS Error

Hey there,

Recently the AE Testnet Node is throwing the following CORS error:

Access to XMLHttpRequest at 'https://sdk-testnet.aepps.com/v2/key-blocks/current' from origin 'https://app.jelly.market' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://localhost:3000' that is not equal to the supplied origin.

Any suggestions?

P.S. Happy new Year.

Hey, I think @CryptoTask was experiencing the same error -

@noandrea or @jsnewby should be able to help.

2 Likes

Are there any updates on that?

Is this error only for the testnet or we can have the same experience on the mainnet?

Hello, nor me or @jsnewby are managing the nodes behind sdk-testnet.aepps.com

I also suggest to switch to testnet.aeternity.io in the future when possible,
I will anyway forward your issue

2 Likes

Thank you!

We should check this together, because sdk-testnet is the official testnet node as far as I know and all developers that want to use waellet or even base aepp on the tastnet could have this issue.

Actually sdk-testnet.aepps.com is just an alias to testnet.aeternity.io

see the SSL certificate for example:

$ curl https://sdk-testnet.aepps.com/v2/status -v
*   Trying 143.204.214.11...
* TCP_NODELAY set
* Connected to sdk-testnet.aepps.com (143.204.214.11) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=testnet.aeternity.io
*  start date: Jul 30 00:00:00 2019 GMT
*  expire date: Aug 30 12:00:00 2020 GMT
*  subjectAltName: host "sdk-testnet.aepps.com" matched cert's "sdk-testnet.aepps.com"
*  issuer: C=US; O=Amazon; OU=Server CA 1B; CN=Amazon
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fe307006a00)
> GET /v2/status HTTP/2
> Host: sdk-testnet.aepps.com
> User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
> Accept: */*
> Referer: 

P.S. I’m working on the CORS issue, should be resolved shortly and I’ll post an update.

2 Likes

The CORS issue on testnet gateway should be fixed now, please test and let me know if it fixed for you as well.

1 Like

Well, I guess it’s not fixed yet:

Access to XMLHttpRequest at 'https://sdk-testnet.aepps.com/v2/key-blocks/current' from origin 'http://localhost:3000' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://app.jelly.market' that is not equal to the supplied origin.

We further debugged this together with @kraykov and it turns out the cached responses are missing the Vary: Origin which is important piece.

As an immediate workaround if you’re switching between apps on different domains (e.g. localhost and your staging domain), you have to clear your browser cache.

I’ll be working to fix that in general in the next week(s).

1 Like

Cross-linking the tracking issue: CORS and caching · Issue #3110 · aeternity/aeternity · GitHub

1 Like