Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Access-Control-Allow-Origin header is lowercased when kernel-service is accessed via tmpnb / configurable-http-proxy #4

Open
odewahn opened this issue Jan 14, 2015 · 2 comments
Open

Access-Control-Allow-Origin header is lowercased when kernel-service is accessed via tmpnb / configurable-http-proxy #4

odewahn opened this issue Jan 14, 2015 · 2 comments

Comments

@odewahn
Copy link
Collaborator

odewahn commented Jan 14, 2015

It seems like the Access-Control-Allow-Origin header is being set to lowercase when it is run through the configurable-http-proxy. Although this is no problem in Chrome, it causes the Safari browser to not recognize the header.

Here's an example. When I access the kernel service over the proxy, not the lower-cased value for Access-Control-Allow-Origin.

http http://jupyter-kernel.odewahn.com:8000/user/pVLZmkH43KTT/api/kernels

HTTP/1.1 200 OK
access-control-allow-origin: *
connection: close
content-length: 67
content-security-policy:
content-type: text/html; charset=UTF-8
date: Wed, 14 Jan 2015 20:03:13 GMT
etag: "93ee31e7d5a26e434153a8cb61633602a0d273cb"
server: TornadoServer/4.0.2
set-cookie: ignored=; expires=Tue, 14 Jan 2014 20:03:13 GMT; Path=/
x-frame-options: SAMEORIGIN

[{"id": "cea89cc0-55a5-42bb-b926-755e5786d8ef", "name": "python2"}]

When I run this directly on the host, though, and bypass the proxy, here's the result. Note that the header is mixed case, which is what is expected:

http 0.0.0.0:50746/user/pVLZmkH43KTT/api/kernels

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 67
Content-Security-Policy:
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Jan 2015 20:05:04 GMT
Etag: "93ee31e7d5a26e434153a8cb61633602a0d273cb"
Server: TornadoServer/4.0.2
Set-Cookie: ignored=; expires=Tue, 14 Jan 2014 20:05:04 GMT; Path=/
X-Frame-Options: SAMEORIGIN

[{"id": "cea89cc0-55a5-42bb-b926-755e5786d8ef", "name": "python2"}]
@rgbkrk
Copy link
Owner

rgbkrk commented Jan 15, 2015

That is just beyond annoying. RFC 2616 declares them case insensitive (section 4.2), but I'm not sure I'll ever expect standards to get adhered to. Definitely an issue to raise in the configurable-http-proxy. Seems to come up in node land and the config proxy is based on http-proxy.

@odewahn
Copy link
Collaborator Author

odewahn commented Jan 15, 2015

It could be more complex than just the case, then. @runemadsen might be
able to shed more specifics on it.

On Wed, Jan 14, 2015 at 9:17 PM, Kyle Kelley notifications@github.com
wrote:

That is just beyond annoying. RFC 2616
http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html declares them
case insensitive (section 4.2), but I'm not sure I'll ever expect standards
to get adhered to. Definitely an issue to raise in the
configurable-http-proxy. Seems to come up in node land
nodejs/node-v0.x-archive#1954 and the config proxy is
based on http-proxy.


Reply to this email directly or view it on GitHub
#4 (comment)
.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@odewahn @rgbkrk