[Csnd] [OT] fetch question

[Csnd] [OT] fetch question

Date	2023-01-15 14:45
From	Victor Lazzarini
Subject	[Csnd] [OT] fetch question
	I get confused as to what we are allowed to fetch. For example, say we have the code fetch(srcf).then((x) => { bx = x }) Some URLs seem to be fetched while others fail to fetch. For example, I tried to fetch from Steven’s site https://www.kunstmusik.com/mp3/hidden_laws.mp3 and it failed. But I can fetch the index.html from http://kunstmusik.github.io/icsc2022-csound-web/index.html Both are CORS but one can be fetched and the other can’t. Does anyone have a clue? ======================== Prof. Victor Lazzarini Maynooth University Ireland Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here

Date	2023-01-15 17:58
From	Rory Walsh
Subject	Re: [Csnd] [OT] fetch question
	I have no idea, is it because one is http while the other is https? On Sun 15 Jan 2023, 2:45 p.m. Victor Lazzarini, <Victor.Lazzarini@mu.ie> wrote: I get confused as to what we are allowed to fetch. For example, say we have the code fetch(srcf).then((x) => { bx = x }) Some URLs seem to be fetched while others fail to fetch. For example, I tried to fetch from Steven’s site https://www.kunstmusik.com/mp3/hidden_laws.mp3 and it failed. But I can fetch the index.html from http://kunstmusik.github.io/icsc2022-csound-web/index.html Both are CORS but one can be fetched and the other can’t. Does anyone have a clue? ======================== Prof. Victor Lazzarini Maynooth University Ireland Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here

Date	2023-01-15 18:20
From	Victor Lazzarini
Subject	Re: [Csnd] [EXTERNAL] Re: [Csnd] [OT] fetch question
	I don't think it makes any difference Prof. Victor Lazzarini Maynooth University Ireland On 15 Jan 2023, at 18:00, Rory Walsh <rorywalsh@ear.ie> wrote: Warning This email originated from outside of Maynooth University's Mail System. Do not reply, click links or open attachments unless you recognise the sender and know the content is safe. I have no idea, is it because one is http while the other is https? On Sun 15 Jan 2023, 2:45 p.m. Victor Lazzarini, <Victor.Lazzarini@mu.ie> wrote: I get confused as to what we are allowed to fetch. For example, say we have the code fetch(srcf).then((x) => { bx = x }) Some URLs seem to be fetched while others fail to fetch. For example, I tried to fetch from Steven’s site https://www.kunstmusik.com/mp3/hidden_laws.mp3 and it failed. But I can fetch the index.html from http://kunstmusik.github.io/icsc2022-csound-web/index.html Both are CORS but one can be fetched and the other can’t. Does anyone have a clue? ======================== Prof. Victor Lazzarini Maynooth University Ireland Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here

Date	2023-01-15 18:24
From	Richard Dobson
Subject	Re: [Csnd] [EXTERNAL] Re: [Csnd] [OT] fetch question
	I just tried it (Mac, 10.14) - both Firefox and Safari reject the site ("invalid certificate", or "unsafe"), while Chrome is OK with it. So it looks like a "YMMV" sort of situation. Richard Dobson On 15/01/2023 18:20, Victor Lazzarini wrote: > I don't think it makes any difference > > Prof. Victor Lazzarini > Maynooth University > Ireland > >> On 15 Jan 2023, at 18:00, Rory Walsh wrote: >> >> >> >> >> Warning >> >> This email originated from outside of Maynooth University's Mail >> System. Do not reply, click links or open attachments unless you >> recognise the sender and know the content is safe. >> >> I have no idea, is it because one is http while the other is https? >> ... Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here

Date	2023-01-15 20:51
From	Michael Gogins
Subject	Re: [Csnd] [EXTERNAL] Re: [Csnd] [OT] fetch question
	https://developer.mozilla.org/en-US/docs/Web/API/fetch Parameters kept changing through the past several years. Just try combinations. On Sun, Jan 15, 2023, 13:24 Richard Dobson <richard@rwdobson.com> wrote: I just tried it (Mac, 10.14) - both Firefox and Safari reject the site ("invalid certificate", or "unsafe"), while Chrome is OK with it. So it looks like a "YMMV" sort of situation. Richard Dobson On 15/01/2023 18:20, Victor Lazzarini wrote: > I don't think it makes any difference > > Prof. Victor Lazzarini > Maynooth University > Ireland > >> On 15 Jan 2023, at 18:00, Rory Walsh <rorywalsh@ear.ie> wrote: >> >> >> >> >> Warning >> >> This email originated from outside of Maynooth University's Mail >> System. Do not reply, click links or open attachments unless you >> recognise the sender and know the content is safe. >> >> I have no idea, is it because one is http while the other is https? >> ... Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here

Date	2023-01-16 02:12
From	Michael Gogins
Subject	Re: [Csnd] [OT] fetch question
	I can view both of these, and the first example plays fine. That's on macOS Ventura 131 with Chrome Version 108.0.5359.124 (Official Build) (arm64). ----------------------------------------------------- Michael Gogins Irreducible Productions http://michaelgogins.tumblr.com Michael dot Gogins at gmail dot com On Sun, Jan 15, 2023 at 9:45 AM Victor Lazzarini <Victor.Lazzarini@mu.ie> wrote: I get confused as to what we are allowed to fetch. For example, say we have the code fetch(srcf).then((x) => { bx = x }) Some URLs seem to be fetched while others fail to fetch. For example, I tried to fetch from Steven’s site https://www.kunstmusik.com/mp3/hidden_laws.mp3 and it failed. But I can fetch the index.html from http://kunstmusik.github.io/icsc2022-csound-web/index.html Both are CORS but one can be fetched and the other can’t. Does anyone have a clue? ======================== Prof. Victor Lazzarini Maynooth University Ireland Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here

Date	2023-01-16 09:19
From	Victor Lazzarini
Subject	Re: [Csnd] [EXTERNAL] [Csnd] [OT] fetch question
	My problem is not viewing or playing (/downloading). The problem is using the fetch API (e.g. with the code I showed). ======================== Prof. Victor Lazzarini Maynooth University Ireland > On 16 Jan 2023, at 02:12, Michael Gogins wrote: > > WARNINGThis email originated from outside of Maynooth University's Mail System. Do not reply, click links or open attachments unless you recognise the sender and know the content is safe. > I can view both of these, and the first example plays fine. That's on macOS Ventura 131 with Chrome Version 108.0.5359.124 (Official Build) (arm64). > > ----------------------------------------------------- > Michael Gogins > Irreducible Productions > http://michaelgogins.tumblr.com > Michael dot Gogins at gmail dot com > > > On Sun, Jan 15, 2023 at 9:45 AM Victor Lazzarini wrote: > I get confused as to what we are allowed to fetch. For example, say we have the code > > fetch(srcf).then((x) => { bx = x }) > > Some URLs seem to be fetched while others fail to fetch. For example, > I tried to fetch from Steven’s site > > https://www.kunstmusik.com/mp3/hidden_laws.mp3 > > and it failed. But I can fetch the index.html from > > http://kunstmusik.github.io/icsc2022-csound-web/index.html > > Both are CORS but one can be fetched and the other can’t. Does anyone have a clue? > ======================== > Prof. Victor Lazzarini > Maynooth University > Ireland > > > Csound mailing list > Csound@listserv.heanet.ie > https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND > Send bugs reports to > https://github.com/csound/csound/issues > Discussions of bugs and features can be posted here > Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here

Date	2023-01-16 12:14
From	Hlöðver Sigurðsson
Subject	Re: [Csnd] [EXTERNAL] [Csnd] [OT] fetch question
	yes cross origin fetching is always risky. The amount of factors determining if fetch will succeed are many. Cors is the most common issue for rejection, but rejection can also vary from CSP (content-security-policy) referrer-policy https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy, Strict-Transport-Security Header (HSTS), X-Frame options if it's running in an iframe (which I believe all sandboxes do), there are also two new security headers which are required for making sharedarraybuffer work: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy and https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy On Mon, 16 Jan 2023 at 10:19, Victor Lazzarini <Victor.Lazzarini@mu.ie> wrote: My problem is not viewing or playing (/downloading). The problem is using the fetch API (e.g. with the code I showed). ======================== Prof. Victor Lazzarini Maynooth University Ireland > On 16 Jan 2023, at 02:12, Michael Gogins <michael.gogins@GMAIL.COM> wrote: > > WARNINGThis email originated from outside of Maynooth University's Mail System. Do not reply, click links or open attachments unless you recognise the sender and know the content is safe. > I can view both of these, and the first example plays fine. That's on macOS Ventura 131 with Chrome Version 108.0.5359.124 (Official Build) (arm64). > > ----------------------------------------------------- > Michael Gogins > Irreducible Productions > http://michaelgogins.tumblr.com > Michael dot Gogins at gmail dot com > > > On Sun, Jan 15, 2023 at 9:45 AM Victor Lazzarini <Victor.Lazzarini@mu.ie> wrote: > I get confused as to what we are allowed to fetch. For example, say we have the code > > fetch(srcf).then((x) => { bx = x }) > > Some URLs seem to be fetched while others fail to fetch. For example, > I tried to fetch from Steven’s site > > https://www.kunstmusik.com/mp3/hidden_laws.mp3 > > and it failed. But I can fetch the index.html from > > http://kunstmusik.github.io/icsc2022-csound-web/index.html > > Both are CORS but one can be fetched and the other can’t. Does anyone have a clue? > ======================== > Prof. Victor Lazzarini > Maynooth University > Ireland > > > Csound mailing list > Csound@listserv.heanet.ie > https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND > Send bugs reports to > https://github.com/csound/csound/issues > Discussions of bugs and features can be posted here > Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here Csound mailing list Csound@listserv.heanet.ie https://listserv.heanet.ie/cgi-bin/wa?A0=CSOUND Send bugs reports to https://github.com/csound/csound/issues Discussions of bugs and features can be posted here