Js-ipfs: Preload generating CORS errors in console

Fixed here https://github.com/ipfs/js-ipfs/issues/1459#issuecomment-408654621 and in https://github.com/ipfs/js-ipfs/pull/1475/commits/4e50e70c2c5f52b231725d8cd7054f6158136258

this seems to come back intermittently, any ideas?

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://node1.preload.ipfs.io/api/v0/refs?r=true&arg=zdj7WkiVdkzBK8ponzCkE17CJdpsrxs28PGCTTuDPbhgCCXjg. (Reason: CORS request did not succeed). 

I believe this could still occur if the preload nodes are down. @lgierth is still true?

a scenario I've seen is when a service behind nginx, rather than nginx itself, generates the CORS headers, and that service goes down, we end up with nginx-generated messages without the right CORS (which then masks the underlying service failure)

could that be happening here?

By now nginx should be doing the CORS headers exclusively though, and go-ipfs shouldn't be setting them anymore.

I'll double-check this tomorrow.

@lgierth - do you mean just for this (preload) case, or for all cases. Because we've also got an open bug where go-ipfs running locally (on a laptop) is denying access to local browser. https://github.com/ipfs/js-ipfs-api/issues/855

Just talking about the preload.ipfs.io and ipfs.io cases, but I'll check that /version issue out too

Seconding this problem - no idea why this is happening, but I've tried several different methods (see: https://gist.github.com/patientplatypus/a4adc9d1ae69fa7b3c67843ae8bab935) and I keep getting CORS errors. My code was working prior and I didn't change anything. I think this is a bug.

Here is the error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://node1.preload.ipfs.io/api/v0/refs?r=true&arg=QmcB5MvGmETQUQYeTbqd42HuN3kh1AReHwpk9BE45BXAMt. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).[Learn More]
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://node0.preload.ipfs.io/api/v0/refs?r=true&arg=QmcB5MvGmETQUQYeTbqd42HuN3kh1AReHwpk9BE45BXAMt. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).[Learn More]
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://node1.preload.ipfs.io/api/v0/refs?r=true&arg=QmcB5MvGmETQUQYeTbqd42HuN3kh1AReHwpk9BE45BXAMt. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).[Learn More]

I have allow origins * in my config, so I don't think it can be client side...

Just confirming this preload/CORS issue is still happening.

Although this might not be a CORS problem since its returning a "502 Bad Gateway" response, which (because it doesnt have cors headers) generates a cors error.

The exact string is https://node1.preload.ipfs.io/api/v0/refs?r=true&arg=zdj7WePre4jBSvoCyAZQHJUCk7Jqin4fwGNKeMNE7st9Brebh

This has been fixed (AFAIK). Let us know if not, closing for now.

@diasdavid Can you point me to the tag or hash that has this fixed? I just tried 0.33.0-rc3 and it still exhibits all errors reported. 502 gateway, CORS and preload errors.

I tried to run the latest RC because I woke up this morning unable to communicate to the IPFS network at all in my app. Seems none of the bootstrap nodes will allow proper communication due to these errors.

I'm certainly still seeing this as well.
@diasdavid is the required fix client-(JS) side or server (go) side ?

@mitra42 I believe there were multiple hiccups on IPFS Infrastructure recently, but I'll let the @ipfs/infrastructure team confirm.

If you see a CORS issue, it always means that the endpoint (in this case the go-ipfs node) doesn't have CORS enabled. CORS is a Browser protection but that gets set by the "server" part to avoid getting servers contacted from browsers on domains that are not whitelisted.

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS explains CORS very well.

@diasdavid - I'm familiar with CORS. CORS problems I've seen have been either "client" or "server" (Go-IPFS node) side, if the client didn't add the right "Origin" headers it can cause problems, or it could be the server not properly responding to that header.

If its a server problem, as you suggest, then this issue should probably be re-opened, because as of yesterday some of your default preload servers don't have CORS enabled.

@mitra42 I opened a issue on the IPFS Infrastructure, check progress here https://github.com/ipfs/infrastructure/issues/447

Hi there!
I tried out to call ipfs` api directing to localhost but faced CORS error. I did CORS` guide from js-ipfs-api README.md, but it wasn`t fixed.
Here is my ipfs config API.HTTPHeaders.Access-Control-Allow-Origin:

[
  "http://localhost",
  "http://127.0.0.1"
]

(also i tried to set without http://, with port, only localhost and only 127.0.0.1 - same results)
can you help me?
Also i`ve tried to connect to some addresses from my ipfs bootstrap list - but it results with:
net::ERR_NAME_NOT_RESOLVED to dnsaddr;
net::ERR_INVALID_HTTP_RESPONSE to ipv4 addresses;
net::ERR_ADDRESS_UNREACHABLE to ipv6 addresses.
It is not related to topic but hope someone can help me anyway...