Hey, Tankred from OpenPGP.js / Whiteout.io here. I’m currently testing HTTP CORS request to SKS via JS in the browser after having read the announcement on v1.1.5 (https://lists.gnupg.org/pipermail/gnupg-users/2014-May/049682.html). Unfortunately I’m getting a 502 (Bad Gateway) response. Upon further analysis I saw that only the following header is set:
The Access-Control-Allow-Origin: * Tested using: https://keyserver.ubuntu.com/pks/lookup?op=get&options=mr&search=safewithme.testuser%40gmail.com This is indeed a requirement for CORS requests, but not sufficient. Without the following headers, CORS requests from the Browser will fail as an OPTIONS preflight check is required: Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS 'Access-Control-Allow-Headers‘: Content-Type You can test how it should look here: https://keys.whiteout.io/safewithme.testu...@gmail.com Would it be possible to add the headers? It would allow me the remove the need for our proprietary key server proxy and send requests directly to SKS server from the web. Thanks! Tankred
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
