Opened 8 years ago

Last modified 5 years ago

#135 new enhancement

Add Access-Control-Allow-Origin Header Option

Reported by: Paul Reid Owned by: Christian Illy
Priority: major Component: Server fixes
Keywords: API access control Cc:

Description

I'm currently trying to move the webserver folder to a subdir under my website, but there is a brick wall that I cannot climb over - Access-Control. When I have faced this in the past and have had control over the resource I am requesting, I have added a header via PHP:

header('Access-Control-Allow-Origin: http://domain.com');

Would it be possible to add this functionality?
I know a few coders who could add this to the source and recompile with this functionality, but I think it would be useful for others also.

Change History (2)

comment:1 by Paul Reid, 8 years ago

I achieved the desired effect by adding a line to Web.cs (l180) and rebuilding:

response.AddHeader("Access-Control-Allow-Origin", "domain.com");
kvp.Value.HandleRequest (request, response, conn, permissionLevel);

Obviously domain.com is replaced with my own domain name.

It would be great if we could add this 'domain.com' string via console or config.

comment:2 by Christian Illy, 5 years ago

Priority: minormajor

Bumping priority as demand seems to increase.

Note: See TracTickets for help on using tickets.