Solution to the “invalid origin” error from the dedicated gateway for IPFS-hosted sites

This is a note for anyone facing an “not allowed - invalid origin” response when trying to retrieve information from their dedicated IPFS gateway.

You need to check the settings under the “Secutrity” tab of your IPFS settings. The pertinent configuration is the “Allowed HTTP Origins” at the bottom of the list.

If you’re serving content loaded out of IPFS and don’t know what the origin will be, you can use * as the allowed origin.

For reference, here’s the bash script I wrote trying to figure this out:

#!/usr/bin/env bash

CIDV1="$(ipfs cid format "$CID" -v=1 -b=base32)"
URL="https://$HOST/ipfs/$CID/$(urlencode "$FILE")"
ROOT="$(realpath --relative-to=. "${0%/*}/../")"
USER="$(grep IPFS_AUTH_USERNAME "$ENV" | sed -e 's/.*=//' | tr -d [:space:])"
PASS="$(grep IPFS_AUTH_PASSWORD "$ENV" | sed -e 's/.*=//' | tr -d [:space:])"
AUTH="Basic $(echo -n "$USER:$PASS" | base64 -w100)"
APIURL="$CID/$(urlencode "$FILE")"
DWEBURL="https://$$(urlencode "$FILE")"

echo "Read \$USER = \"$USER\" & \$PASS = \"$PASS\" from $ENV"
echo "Retrieving: $URL"
curl -D - "$URL"
echo '  ————————————————————————————————————————————————————————————————————'
echo "Retrieving: $URL with Authorization"
curl -D - -H "Authorization: $AUTH" "$URL"
echo '  ————————————————————————————————————————————————————————————————————'
echo "Retrieving: $APIURL with \`curl\` \`-u\`"
curl -D - -X POST -u "$USER:$PASS" "$APIURL"
echo '  ————————————————————————————————————————————————————————————————————'
echo "Retrieving: $DWEBURL"
curl -D - "$DWEBURL"

It demonstrates a couple different ways I found to pull information from the gateway.

1 Like