- This topic has 16 replies, 3 voices, and was last updated 2 years, 5 months ago by
.
-
Posts
-
When I try to add an SSH public key through the Manage SSH Keys UI, it doesn’t appear to do anything when I click the “Upload Public Key” button, and there is a CORS error in the Firefox (91.9.1esr) console:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://uis.fabric-testbed.net/sshkey/sliver?public_openssh=ssh-rsa%20AAAAB3...bZc%3D&description=Sliver%20key. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).(Base64 trimmed for readability)
Hi Nicholas,
I just tried the “Upload Public Key” function from production portal in Firefox and it works as expected without any CORS error. I will contact our backend service team and double-check the CORS config for UIS API services. And will also improve the portal UI to provide more detailed status by toast messages.
Could you please use the “Generate SSH Key Pair” function instead for now? Thanks for providing your feedback!
Yaxue
What version of Firefox are you using? I set the base security policy to Standard and even added Enhanced Tracking Protection exceptions for portal.fabric-testbed.net and uis.fabric-testbed.net, and still I get this error.
We need to try this on Linux I think. What distro are you using – I think we may need to spin up a VM with a similar environment.
I’m using alpine, although I tried an ubuntu VM and that had the same issue. I’m just using the straight .tar.bz2 from mozilla so it should be basically the same everywhere (I do run with –no-remote, but that shouldn’t change anything here). I set up a clean network path to the internet with no proxies or transparent NFs, and that didn’t fix anything either.
I think it may be the issue of browser, not OS.
Hi Nick, are you using any plugin/ extension in your Firefox browser? If so can you disable them and try again?
By the way, I found a similar question from StackOverflow with multiple possible answers: https://stackoverflow.com/questions/24371734/firefox-cross-origin-request-blocked-despite-headers
Of course there is, but indulge us for a minute – let’s see if we can figure this out. If you are having this problem, someone else might at some point.
The service runs of https://uis.fabric-testbed.net/ui/
I have zero extensions, plain vanilla firefox.
I tried setting
network.notify.changeto false as one of the recommendations from SE, and also tried forcing HTTPS-only mode, and neither of those made any difference.For what it’s worth, I’m getting a 500, so the CORS problem might not be the root cause (new firefox adds the status code):
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://uis.fabric-testbed.net/sshkey/bastion?public_openssh=ssh-rsa%20AAAAB...DeW3Pv%2BBv2PBgP%2Flptd4Q4Hx9RiXsGQshwfbWsdDbxOqP%2Bpj4xyc%3D&description=bastion. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 500.
Nick, I believe your key format is wrong. I need to check why you are not getting an appropriate error message. Please use a format described in this article:
- You must be logged in to reply to this topic.