Okay, this is a test comment to check whether it comes under my blog. Don’t panic!
That’s the simple curl i did. The json response seems intuitive. I will just have to figure out how the others mapped it to the ui.
@trinsec Okay for some reason, the get request from the code is denied!
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://qoto.org/api/v1/statuses/109399795717279616/context. (Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘*, *’).
I am not sure if it is some server setting that only the admin can do something about.
@trinsec @freemo All the Hugo guides are reusing the code first credited to @carlschwan at https://carlschwan.eu/2020/12/29/adding-comments-to-your-static-blog-with-mastodon/
@carlschwan, any thoughts on the matter?
@bevsxyz @trinsec @firstname.lastname@example.org No idea how this could happen but it seems your server is sending twice the following HTTP header: access-control-allow-origin: *
And this seems to be the issue :( This might be caused by a proxy/firewall adding the header a second time on the server and you might want to contact your server admin
@trinsec @freemo guys looks like @carlschwan identified the issue. You guys are the admins, so I hope you guys feel motivated enough to figure out a fix😛😛
Ahh ok, good to note… I can look into that for the next release and if its the code rather than the firewall i can address it.
@freemo @trinsec While you’re at it could you also check whether the domain based verification is switched off. I added a link to my profile as suggested to my header. However it’s not verified yet. Did that a couple of days ago. Perhaps you had disabled it because of too many hits. I just wanted to verify this before going for funky emojis.
I think the header issue could be due to the CDN for avatar.
Check this docs https://docs.joinmastodon.org/admin/config/#cdn_host
Perhaps any external buckets as well.
I am not sure but the nginx was the only thing I found in the docs for proxy.
@freemo @trinsec i think it’s the way I have made the request. One thing i changed in the code was to use the cdn version of dompurify package rather than a local one. But from what I’ve seen the fetching is not done by the package and that’s where the error is happening.
Ha i saw a js library for mastodon but that seemed to require a token.
QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.
@bevsxyz Mm, doesn’t look like that worked. Though I hope you get it to work. I was contemplating Hugo and Mastodon comments as well.