从F搜访问某Git站issue的搜索结果CORS failed

发现F搜会把g站的issue转为通过api加载,Good!
然而这个bug希望修一下(on Firefox)

收到, 我们修复一下, 感谢反馈!

@grybig 哈喽, 我们测试没有复现. 可以发一下具体搜索的链接我们再测试下哦, 感谢!

再次试了一下,竟然又好了。。
不知道之前是不是api.github.com那边或我的firefox的问题

1 Like

好哒:ok_hand:

与浏览器的api.github.com这个url的连接方式设置有关(用了这个扩展

以这个链接 https://github.nilmap.com/issue?dest_url=https://github.com/salarcode/SmartProxy/issues/3 为例 ,

其中的一条 https://api.github.com/repos/salarcode/SmartProxy/issues/3 请求记录如下:

在Firefox 106上测试

没使用扩展,也没任何设置时(正常)

request header:

GET /repos/salarcode/SmartProxy/issues/3 HTTP/2
Host: api.github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://github.nilmap.com/
Origin: https://github.nilmap.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

response header:

HTTP/2 200 OK
server: GitHub.com
date: Thu, 03 Nov 2022 02:08:11 GMT
content-type: application/json; charset=utf-8
cache-control: public, max-age=60, s-maxage=60
vary: Accept, Accept-Encoding, Accept, X-Requested-With
etag: W/"38f4f14a90a42a5345ae350a080c3e6c6ffc52c95adaea01ddf08dc1195f5aab"
last-modified: Fri, 28 Oct 2022 11:13:39 GMT
x-github-media-type: github.v3; format=json
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
content-encoding: gzip
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
x-ratelimit-reset: 1667444891
x-ratelimit-resource: core
x-ratelimit-used: 1
accept-ranges: bytes
content-length: 1296
x-github-request-id: AF82:4244:1CB99E:1E4CF7:6363228B
X-Firefox-Spdy: h2

扩展启用,设置为全直连 (正常)

request:

GET /repos/salarcode/SmartProxy/issues/3 HTTP/2
Host: api.github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://github.nilmap.com/
Origin: https://github.nilmap.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

response:

HTTP/2 200 OK
server: GitHub.com
date: Thu, 03 Nov 2022 02:10:37 GMT
content-type: application/json; charset=utf-8
cache-control: public, max-age=60, s-maxage=60
vary: Accept, Accept-Encoding, Accept, X-Requested-With
etag: W/"38f4f14a90a42a5345ae350a080c3e6c6ffc52c95adaea01ddf08dc1195f5aab"
last-modified: Fri, 28 Oct 2022 11:13:39 GMT
x-github-media-type: github.v3; format=json
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
content-encoding: gzip
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
x-ratelimit-reset: 1667444891
x-ratelimit-resource: core
x-ratelimit-used: 2
accept-ranges: bytes
content-length: 1296
x-github-request-id: AF84:2A1A:2179B3:231045:6363231D
X-Firefox-Spdy: h2

扩展设置 api.github.com 连接方式为127.0.0.1:8800的http代

request:

GET /repos/salarcode/SmartProxy/issues/3 undefined
Host: api.github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://github.nilmap.com/
Origin: https://github.nilmap.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

request 被禁止

console:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.github.com/repos/salarcode/SmartProxy/issues/3. (Reason: CORS request did not succeed). Status code: (null).

Uncaught (in promise) TypeError: NetworkError when attempting to fetch resource. issue:1:5762
    <anonymous> https://github.nilmap.com/issue?dest_url=https://github.com/salarcode/SmartProxy/issues/3:1
    AsyncFunctionThrow self-hosted:811
    (Async: async)
    <anonymous> https://github.nilmap.com/issue?dest_url=https://github.com/salarcode/SmartProxy/issues/3:1