Online version broken in Chrome due to Private Network Access #4
Comments
sschmidTU
pushed a commit
that referenced
this issue
Feb 10, 2022
…e changes (#4) also see previous commits
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
see https://developer.chrome.com/blog/private-network-access-preflight/
Looks like they finally updated Chrome to block private network access if the request answerer (AnkiConnect) doesn't add the header to allow it.
It still works offline in Chrome, and online in Firefox and Edge, see the readme -> Troubleshooting section.
A solution to this would be patching AnkiConnect to add a setting in the config to set the
Access-Control-Allow-Private-Networkheader to true.There are already a few issues in AnkiConnect about similar things related to CORS:
https://github.com/FooSoft/anki-connect/issues?q=is%3Aissue+CORS
e.g. this one:
FooSoft/anki-connect#201
They seem to recommend not using the API on a webpage due to the possibility of malicious websites changing your decks, though that is a pretty unlikely event (and not possible on my website, since it's open source and only doing very specific requests).
So, it would at least be nice to have the option to allow this.
The text was updated successfully, but these errors were encountered: