1. CORS error adding SSH public key to account

CORS error adding SSH public key to account

Home Forums FABRIC General Questions and Discussion CORS error adding SSH public key to account

Viewing 15 posts - 1 through 15 (of 17 total)
  • Author
    Posts
  • #2028
    Nicholas Bastin
    Participant

      When I try to add an SSH public key through the Manage SSH Keys UI, it doesn’t appear to do anything when I click the “Upload Public Key” button, and there is a CORS error in the Firefox (91.9.1esr) console:

      Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://uis.fabric-testbed.net/sshkey/sliver?public_openssh=ssh-rsa%20AAAAB3...bZc%3D&description=Sliver%20key. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

      (Base64 trimmed for readability)

      #2030
      Yaxue Guo
      Keymaster

        Hi Nicholas,

        I just tried the “Upload Public Key” function from production portal in Firefox and it works as expected without any CORS error. I will contact our backend service team and double-check the CORS config for UIS API services. And will also improve the portal UI to provide more detailed status by toast messages.

        Could you please use the “Generate SSH Key Pair” function instead for now? Thanks for providing your feedback!

        Yaxue

        #2032
        Ilya Baldin
        Participant

          Nick,

          What OS are you using? Firefox 101 on MacOS seems to work without issues for me.

          #2033
          Nicholas Bastin
          Participant

            What version of Firefox are you using? I set the base security policy to Standard and even added Enhanced Tracking Protection exceptions for portal.fabric-testbed.net and uis.fabric-testbed.net, and still I get this error.

            #2034
            Nicholas Bastin
            Participant

              I’m using ESR on Linux. I can try to grab the latest non-ESR and see if that works.

              #2036
              Nicholas Bastin
              Participant

                I’m getting the same problem in 101.0.

                #2037
                Ilya Baldin
                Participant

                  We need to try this on Linux I think. What distro are you using – I think we may need to spin up a VM with a similar environment.

                  #2038
                  Nicholas Bastin
                  Participant

                    I’m using alpine, although I tried an ubuntu VM and that had the same issue. I’m just using the straight .tar.bz2 from mozilla so it should be basically the same everywhere (I do run with –no-remote, but that shouldn’t change anything here). I set up a clean network path to the internet with no proxies or transparent NFs, and that didn’t fix anything either.

                    #2039
                    Yaxue Guo
                    Keymaster

                      I think it may be the issue of browser, not OS.

                      Hi Nick, are you using any plugin/ extension in your Firefox browser? If so can you disable them and try again?

                      By the way, I found a similar question from StackOverflow with multiple possible answers: https://stackoverflow.com/questions/24371734/firefox-cross-origin-request-blocked-despite-headers

                      #2040
                      Nicholas Bastin
                      Participant

                        Is there a fabric API endpoint I can use to set my ssh keys? 🙂

                        #2041
                        Ilya Baldin
                        Participant

                          Of course there is, but indulge us for a minute  – let’s see if we can figure this out. If you are having this problem, someone else might at some point.

                          The service runs of https://uis.fabric-testbed.net/ui/

                          #2042
                          Nicholas Bastin
                          Participant

                            I have zero extensions, plain vanilla firefox.

                            I tried setting network.notify.change to false as one of the recommendations from SE, and also tried forcing HTTPS-only mode, and neither of those made any difference.

                            #2043
                            Nicholas Bastin
                            Participant

                              For what it’s worth, I’m getting a 500, so the CORS problem might not be the root cause (new firefox adds the status code):

                              Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://uis.fabric-testbed.net/sshkey/bastion?public_openssh=ssh-rsa%20AAAAB...DeW3Pv%2BBv2PBgP%2Flptd4Q4Hx9RiXsGQshwfbWsdDbxOqP%2Bpj4xyc%3D&description=bastion. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 500.

                              #2045
                              Ilya Baldin
                              Participant

                                Nick, I believe your key format is wrong. I need to check why you are not getting an appropriate error message. Please use a format described in this article:

                                Logging into FABRIC VMs

                                 

                                #2046
                                Nicholas Bastin
                                Participant

                                  Ok, I’m wagering the problem is that I always use an empty comment – this is a valid key, you really should handle it.. 🙂

                                  I’ll give it a shot with something in the field.

                                Viewing 15 posts - 1 through 15 (of 17 total)
                                • You must be logged in to reply to this topic.