Since recently seems Aeternity API has introduced a CORS policy that is causing us errors, ie:
Access to XMLHttpRequest at ‘https://sdk-testnet.aepps.com/v2/key-blocks/current’ from origin ‘https://app.dev.cryptotask.org’ has been blocked by CORS policy: The ‘Access-Control-Allow-Origin’ header has a value ‘https://base.aepps.com’ that is not equal to the supplied origin.
What is the reason for allowing only that origin, it means no one is able to test code without hosting their own full node?
Of course you should be able to test code with other nodes. The SDK is also using the aeternal.io node and middleware as a standard setting. I’m not sure what causes this problem but I’ve forwarded your question. Thanks for asking!
It should be fixed, see SDK-Testnet CORS Error
Sorry for the long delay, I’m sure we’ll start processing similar issues much faster very soon.
Hey, any updates on that issue?
The same issue is observed for https://compiler.aepps.com/encode-calldata
Could you please report that issue in the compiler repo, so we don’t forgot about it.
No progress so far as i’m busy with services migration so far.
Any chance for an estimation? Also if we build our own aeternal and compiler are we going to observe the same behavior?
No, this depends on your reverse proxy configuration
I’ve temporary disabled the edge caches, and the fix on its way.
however, it has to be released, then deployed etc.
I am using online IDEs and seems both are having issues with CORS trying to reach remote compiler:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://latest.compiler.aepps.com/decode-call-result. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Compiler has been updated to 4.2.1
$ curl https://compiler.aepps.com/api-version -H "Sophia-Compiler-Version: 4.2.0"
{"api-version":"4.2.1"}
Also latest point to that version as well:
$ curl https://latest.compiler.aepps.com/api-version
{"api-version":"4.2.1"}
Please note I’m using the api-version above as the sophia compiler version is the same (4.2.0) as it hasn’t been updated in this API bugfix release.
$ curl https://latest.compiler.aepps.com/version
{"version":"4.2.0"}
To be fair it is the same compiler, so just bumping the API-version sounds right.
@dincho.chain I’m still getting the same CORS error with both IDEs
Maybe you should provide more details.
@dincho.chain sure
So compiling and testing at Contracts Aepp
contract MapTest =
record state = { tMap : map(int, int) }
stateful entrypoint init() = { tMap = {} }
entrypoint getMapPositive(index: int) =
state.tMap[index = 5]
entrypoint getMapNegative(index: int) =
state.tMap[index = -5]
The weird thing is that getMapPositive(8) returns 5 as expected, but getMapNegative(8) returns: Unknown error and in the browser console I get:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://latest.compiler.aepps.com/decode-call-result. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
@dincho.chain is this going to be resolved?
I’m looking into it right now, looks like HTTP compiler issue to me that throws 500 error, not directly related to CORS.
See Exception error: {encode_expr_todo,'-'} · Issue #59 · aeternity/aesophia_http · GitHub
thanks! 
i will use my local full node in the meantime, just for the community in general i think it is very useful that online IDE works properly, as people can start experimenting with sophia right away ^^
There is no doubt that we should have easy to use tools (and properly working) to onboard new developers
Hey, this nasty issue makes me wanna cry already @dincho.chain
Access to XMLHttpRequest at 'https://compiler.aepps.com/decode-call-result' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.