Get crash-analysis.mozilla.com to send a CORS header to allow other sites to use the data

RESOLVED INVALID

Status

Socorro
General
RESOLVED INVALID
2 years ago
3 months ago

People

(Reporter: Robert Kaiser, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

2 years ago
When trying to set up a dashboard using the JSON data I have on crash-analysis.m.c on a different website (via XHR), I get errors like this:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://crash-analysis.mozilla.com/rkaiser/latestdate.txt. (Reason: CORS header 'Access-Control-Allow-Origin' missing).

As we'd like to get more flexible in where and how we can use data (and run less stuff within infrastructure needing to be hosted by the Socorro team), I think we should send that header to allow any site to use that data.
After discussion we concluded that it's fine. There's no user data that can change on that nginx server. 
I'll leave it to jp to execute.

Comment 2

2 years ago
I'm going to run it by ulfr as a sanity test, and not going to go making these changes while I'm on pto.  Thus, we'll target early next week to address.
r+ for me
Access-Control-Allow-Origin: *
We don't support crash-analysis any more. If there's a problem with CORS headers that someone else needs we can open a new bug.
Status: NEW → RESOLVED
Last Resolved: 3 months ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.