CORS error / Access-Control-Allow-Origin

Question

CORS error / Access-Control-Allow-Origin

VladislavZhdanov opened this issue 7 years ago · 4 comments

I'm trying to load the coinhive.js file from my server.
I've set up a server on Digitalocean, installed the docker and apache. After that I replaced "localhost" for my IP server, for example: "123.123.123.123".

After that I created the HTML page:

<html>
	<head>
		<title>Miner</title>
	</head>
	<body>
		<p id="sp"></p>
		<p id="th"></p>
		<p id="ah"></p>

  		<script src="http://123.123.123.123/coinhive-stratum-mining-proxy/static/miner/miner.js"></script>
		<!--<script src="https://coinhive.com/lib/coinhive.min.js"></script>-->
		<script>
		CoinHive.CONFIG.WEBSOCKET_SHARDS = [["ws://123.123.123.123:8892/proxy"]];
		var miner = new CoinHive.Anonymous('XXXXXXXXXXXXXX');
		miner.start();

		setInterval(function() {
		  var hashesPerSecond = miner.getHashesPerSecond();
		  var totalHashes = miner.getTotalHashes();
		  var acceptedHashes = miner.getAcceptedHashes();
		  document.getElementById("sp").innerHTML = "Speed = " + hashesPerSecond.toFixed(2) + " hash/sec";
		  document.getElementById("th").innerHTML = "Total Hashes = " + totalHashes;
		  document.getElementById("ah").innerHTML = "Accepted Hashes = " + acceptedHashes;
		}, 1000);
		</script>

	</body>
</html>

And the console throws me this error:
_

Failed to load http://123.123.123.123/coinhive-stratum-mining-proxy/static/miner/cryptonight.wasm: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

_

If I use this script "https://coinhive.com/lib/coinhive.min.js" everything works fine.

Answer 1 · 2017-10-06T08:45:40.000Z

You need to allow Access-Control-Allow-Origin on your library server for the host that's pulling the file. If you have multiple hosts pulling the file, you would use:
Access-Control-Allow-Origin "*"

This can be done via PHP, but is better to set server sided under the server configurations for Nginx, Apache, Lighttpd

Answer 2 · 2017-10-06T09:12:26.000Z

Thanks for the reply @QuantumLeaper. I have this configuration in .htaccess file. What I'm doing wrong? Do you have an example in Nginx or any other server? Sorry for the noob question.

Answer 3 · 2017-10-06T11:16:48.000Z

Solved by adding CORS in Nginx

Answer 4 · 2017-10-07T04:54:36.000Z

I was having this same issue, after trying for an hour of trying to get the requester to have the header, I reread the error and found I was working on the wrong side of it. I have made a pull request that adds the needed header so that CORS is not an issue.