Skip to content
GitLab
  • Explore
  • Sign in
  • tails
  • sysadmin
  • Issues
  • #17771

Allow cross-origin requests on https://tails.boum.org/install/v2/Tails/amd64/stable/latest.json

See tails#16128 (comment 156929).

We're killing the verification extension and moving the verification to the page itself.

We want to ask you to change the same-origin policy for https://tails.boum.org/install/v2/Tails/amd64/stable/latest.json in Nginx. This would ease the development of this verification page from a local version of the website. It would also allow users to verify from the local version of our website included in Tails.

If I understand correctly, it means returning Access-Control-Allow-Origin: * as an extra header when fetching https://tails.boum.org/install/v2/Tails/amd64/stable/latest.json.

Note that using "file:///home/amnesia/Persistent/Tor%20Browser/master/install/v2/Tails/amd64/stable/latest.json" for development doesn't work either, so it seems like we anyway need to use a server that have a more relaxed same-origin policy for testing and development. That's why @meixler used his proxy for dev but I'd rather not depend on his personal development resources on the long term.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking