-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add CORS support for s.codepen.io #1589
Comments
this is pending compliance approval |
@jseppi this has to be manually deployed, right? |
should we test it with staging first? |
Yup. I've already deployed the change to |
Here's the pen where I'm testing this: https://codepen.io/anon/pen/mXrXVR |
That's odd. If there was already a header with a wildcard this should have been working already. Should we remove from staging and see what headers we can see without? |
That is real odd. And we know its not in the code...is the next step to ask cloud.gov? |
Hmm k. I assume the only people who can see those settings are cloud.gov staff (why would they be different? so odd) |
Updated the implementation sketch with new details in light of finding out we can set CORS policy directly on the cloud.gov-brokered S3 buckets. |
Updated again :) |
@jseppi I'm good doing a merge to |
Alright, this should be all finished 🎉 Want to confirm, @maya? I'm not seeing any more CORS errors on your pen at https://codepen.io/USWDS/pen/BYjrRK?editors=1101 |
@jseppi LGTM 🎉 yes, I checked some of my pens that had the errors before and they don't have it anymore! |
@maya: we changed how we're doing this in order to fix the |
Confirmed! Working for me 🎉 |
Description of feature or bug
I have this CodePen: https://codepen.io/USWDS/pen/BYjrRK?editors=1100
and getting this error in the console in Chrome:
From @jseppi:
Definition of done
"pens" on
s.codepen.io
can AJAX-in assets from Federalist sites throughfederalist-proxy.app.cloud.gov
Testing pen: https://codepen.io/anon/pen/mXrXVR?editors=0011
After evaluating, edit this part:
Level of effort
lowmedium (updated)Implementation outline (if higher than "low" effort):
at https://cloud.gov/docs/services/s3/#allowing-client-side-web-access-from-external-applications and https://docs.aws.amazon.com/cli/latest/reference/s3api/delete-bucket-cors.html
federalist-proxy
The text was updated successfully, but these errors were encountered: