Implement CORS

If you have a suggestion for a feature, post it here
Post Reply
Einzeln
Posts: 9
Joined: Wed May 21, 2014 11:09 pm

Implement CORS

Post by Einzeln » Sat May 31, 2014 10:27 pm

There are some clients that will not connect to a server that does not implement CORS. Implementation is actually really simple. It only requires that when a client sends a request to UMS you would need to return a couple more response headers. Namely Access-Control-Allow-Origin and Access-Control-Allow-Headers. It should be a simple change and will open up quite a few new avenues of development. I'm sure the Web-based client that has been in development would benefit greatly from this as well.

User avatar
DeFlanko
Moderator
Posts: 724
Joined: Thu Jun 21, 2012 3:43 am
Location: San Pedro, CA
Contact:

Re: Implement CORS

Post by DeFlanko » Thu Jun 05, 2014 4:51 am

Can you provide any reference documentation?

Tiago Costa
Posts: 12
Joined: Mon Apr 28, 2014 5:35 pm

Re: Implement CORS

Post by Tiago Costa » Fri Jun 06, 2014 7:08 am

Basically you just add the headers Einzeln cited in each Web Player response (I'm assuming this occurs only with Web Player). More information in this Wikipedia article:

http://en.wikipedia.org/wiki/Cross-orig ... ce_sharing

User avatar
SharkHunter
Developer
Posts: 669
Joined: Fri Jun 01, 2012 9:36 pm

Re: Implement CORS

Post by SharkHunter » Fri Jun 06, 2014 6:56 pm

Which types of clients? Only WEB clients or even UPNP/DLNA once?
We reject: kings, presidents and voting.
We believe in: rough consensus and running code.

infidel
Developer
Posts: 571
Joined: Thu Jul 12, 2012 5:37 am

Re: Implement CORS

Post by infidel » Sat Jun 07, 2014 12:15 am

Unrelated to this particular question, but 'Access-Control-Allow-Origin="*"' is already sent by the push handler in the upnp branch so the player can communicate with UMS from other domains. I'm also curious to know specifics of 'some clients'.

User avatar
SharkHunter
Developer
Posts: 669
Joined: Fri Jun 01, 2012 9:36 pm

Re: Implement CORS

Post by SharkHunter » Sat Jun 07, 2014 12:47 am

infidel wrote:Unrelated to this particular question, but 'Access-Control-Allow-Origin="*"' is already sent by the push handler in the upnp branch so the player can communicate with UMS from other domains. I'm also curious to know specifics of 'some clients'.
That's why I asked :)
We reject: kings, presidents and voting.
We believe in: rough consensus and running code.

Einzeln
Posts: 9
Joined: Wed May 21, 2014 11:09 pm

Re: Implement CORS

Post by Einzeln » Wed Jun 11, 2014 12:30 pm

Well, I actually can't speak to just how many clients might require CORS, but my specific situation was that I was fiddling with javascript in an html page I wrote to make xmlHttpRequest calls to ums from my chrome browser. I had issues at first because the 'chrome browser' specifically, requires CORS implementation from the server to make calls to other domains as infidel stated. I actually got around this by using a chrome extension called Allow-Control-Allow-Origin that listens for responses and fools chrome by appending Access-Control-Allow-Origin to the response. Then I modified that extension into a second extension that I call Allow-Control-Allow-Headers to append Access-Control-Allow-Headers to the POST request responses. Anyway all that info was a little unnecessary but all-together I was able to retrieve and store the responses after fooling chrome. I imagine some of this is along the same lines as what you guys are trying to achieve with the web ui.

Post Reply