https://www.ory.sh/ logo
Join Slack
Powered by
From the public UI `:4455`, it seems that my confi...
# talk-kratos
p
From the public UI 
:4455
, it seems that my config does not allow me to get 
/.well-known/ory/webauthn.js
. The cors log from kratos shows this:
Copy code
[cors] 2023/08/20 00:27:30 Handler: Actual request
[cors] 2023/08/20 00:27:30   Actual request no headers added: origin '<http://127.0.0.1:4455>' not allowed
time=2023-08-20T00:27:30-04:00 level=info msg=started handling request http_request=map[headers:map[accept:*/* accept-encoding:gzip, deflate, br accept-language:en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7 connection:keep-alive origin:<http://127.0.0.1:4455> sec-ch-ua:"Chromium";v="116", "Not)A;Brand";v="24", "Google Chrome";v="116" sec-ch-ua-mobile:?0 sec-ch-ua-platform:"Windows" sec-fetch-dest:script sec-fetch-mode:cors sec-fetch-site:same-site user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36] host:127.0.0.1:4433 method:GET path:/.well-known/ory/webauthn.js query:<nil> remote:127.0.0.1:55276 scheme:http]
time=2023-08-20T00:27:30-04:00 level=info msg=completed handling request http_request=map[headers:map[accept:*/* accept-encoding:gzip, deflate, br accept-language:en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7 connection:keep-alive origin:<http://127.0.0.1:4455> sec-ch-ua:"Chromium";v="116", "Not)A;Brand";v="24", "Google Chrome";v="116" sec-ch-ua-mobile:?0 sec-ch-ua-platform:"Windows" sec-fetch-dest:script sec-fetch-mode:cors sec-fetch-site:same-site user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36] host:127.0.0.1:4433 method:GET path:/.well-known/ory/webauthn.js query:<nil> remote:127.0.0.1:55276 scheme:http] http_response=map[headers:map[cache-control:private, no-cache, no-store, must-revalidate content-type:text/javascript; charset=UTF-8 set-cookie:[csrf_token_806060ca5bf70dff3caa0e5c860002aade9d470a5a4dce73bcfa7ba10778f481=/FwSqGIXUbQ+oY3dhIMtIqTAy54EfZsSr8tpW6CJ5Mc=; Path=/; Domain=127.0.0.1; Max-Age=31536000; HttpOnly; SameSite=Lax] vary:Origin] size:3364 status:200 text_status:OK took:1.0004ms]
Part of my kratos config is:
Copy code
public:
    base_url: <http://127.0.0.1:4433/>
    port: 4433
    cors:
      enabled: true
      allowed_origins:
        - <http://127.0.0.1>
      allow_credentials: false
      max_age: 300
      debug: true
  admin:
    base_url: <http://127.0.0.1:4434/>
    host: 127.0.0.1
    port: 4434
Trying to solve this problem:
Copy code
Access to script at '<http://127.0.0.1:4433/.well-known/ory/webauthn.js>' from origin '<http://127.0.0.1:4455>' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
s
the cors origin has to include the port, as the logs suggest:
Copy code
origin '<http://127.0.0.1:4455>' not allowed
that origin is not in the list of allowed origins
Open in Slack
PreviousNext
Powered by