Enable CORS for core translation downloads

Currently CORS isn’t enabled for a URLURL A specific web address of a website or web page on the Internet, such as a website’s URL www.wordpress.org such as the below.


This appears to be because the translation CORS headers are set to builds/(plugins|themes) which doesn’t include coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. (which is in builds/core/$locale.zip

Can we have that (plugins|themes) expanded to (core|plugins|themes) in the wporg_downloads_cors_* maps please?

Reported via https://github.com/WordPress/wordpress-playground/issues/1206


#prio2 #translations #nginx #playground

Redirect gutenberg.run

Currently gutenberg.run is hosted by a DigitalOcean instance that we’d like to shut down.

Can we please have that domain setup as a redirect to https://playground.wordpress.net/gutenberg.html?

Thanks in advance!

cc @adamziel
#gutenberg-run #playground #redirect #prio3

CORS requests for api.wordpress.org

Most of the WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ APIAPI An API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. endpoints accept CORS requests, but nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. isn’t forwarding OPTIONS requests to these endpoints, when nginx considers it a “static” resource (ie. / and not /index.php)

$ curl -IsX OPTIONS https://api.wordpress.org/core/version-check/1.7/ | grep -Ei '^(HTTP|Access)'
HTTP/1.1 405 Not Allowed

$ curl -IsX OPTIONS https://api.wordpress.org/core/version-check/1.7/index.php | grep -Ei '^(HTTP|Access)'
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *

This is causing problems for playground when making requests that include custom headers, as a preflight request needs to be made.

Would it be possible to redirect OPTIONS on “static” URIs to PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php.? Looks like error_page 405 =200 $uri; would do it.


#prio3 #playground #cors