current_log_list API failing on https://certificate.transparency.dev/ about certificate-transparency-community-site HOT 11 CLOSED

Good point. I can replicate this issue using the India proxy. Next step is to get someone from Apple to look into this.

from certificate-transparency-community-site.

Thank you very much for reporting this issue. I was able to replicate this a while ago. The access-control-allow-origin: * was missing but it is now back for some reason.

If you are able to replicate the issue, please capture and post the response header of the current_log_list.json.

from certificate-transparency-community-site.

Response header as requested by @roger2hk
HTTP/1.1 200 OK x-amz-id-2: oKjePZqeCXeaAbzXMZ4vTg3GIKOKMl8ig3YXDaQYpN0V/Qpn71xwkZdDPPAxPx/IuyuBuHvrXTs= x-amz-request-id: 3H1BP40TR7TTQVS6 Last-Modified: Mon, 02 May 2022 22:35:45 GMT ETag: "64cecfaf047781b79c5f8d7e224fd31a" Accept-Ranges: bytes Content-Type: application/json Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Tue, 05 Jul 2022 06:55:14 GMT Content-Length: 10143 Connection: keep-alive

Let me know if HAR file is needed for further investigation

Regards,
Nauman Shah

from certificate-transparency-community-site.

I have been trying to replicate the issue but no luck. If it still doesn't work for you, the HAR file would definitely help. The access-control-allow-origin: * and CDN information are missing in your response header.

On top of the HAR file, which browser and version are you using?

from certificate-transparency-community-site.

Using Google Chrome Version 103.0.5060.114
Response header didn't have the access-control-allow-origin header. Not sure about the CDM information

Attaching the requested HAR taken just now
certificate.transparency.dev.zip

from certificate-transparency-community-site.

I could not replicate this issue in other browsers or devices. Please try to browse the same website in other browsers or devices. If it works, there might be some issue with your existing browser settings or extensions.

from certificate-transparency-community-site.

I tried with Mozilla Firefox even with private browsing, Google Chrome with incognito with no extensions enabled, Chrome Canary with incognito with no extension enabled and in all cases it was leading to the same issue.

Could it be an issue with a particular region? or the Apple API being called has some issue?

from certificate-transparency-community-site.

Now the issue is resolved.
Please close the ticket. Thanks for the quick response and resolution @roger2hk

from certificate-transparency-community-site.

Great, thanks for the verification.

from certificate-transparency-community-site.

The same CORS issue comes back.

from certificate-transparency-community-site.

This issue is fixed by Apple and verified.

from certificate-transparency-community-site.