Universal Media Server | Forum

There are some clients that will not connect to a server that does not implement CORS. Implementation is actually really simple. It only requires that when a client sends a request to UMS you would need to return a couple more response headers. Namely Access-Control-Allow-Origin and Access-Control-Allow-Headers. It should be a simple change and will open up quite a few new avenues of development. I'm sure the Web-based client that has been in development would benefit greatly from this as well.

Can you provide any reference documentation?

Basically you just add the headers Einzeln cited in each Web Player response (I'm assuming this occurs only with Web Player). More information in this Wikipedia article:

http://en.wikipedia.org/wiki/Cross-orig ... ce_sharing

Which types of clients? Only WEB clients or even UPNP/DLNA once?

Unrelated to this particular question, but 'Access-Control-Allow-Origin="*"' is already sent by the push handler in the upnp branch so the player can communicate with UMS from other domains. I'm also curious to know specifics of 'some clients'.

infidel wrote:Unrelated to this particular question, but 'Access-Control-Allow-Origin="*"' is already sent by the push handler in the upnp branch so the player can communicate with UMS from other domains. I'm also curious to know specifics of 'some clients'.

That's why I asked

Well, I actually can't speak to just how many clients might require CORS, but my specific situation was that I was fiddling with javascript in an html page I wrote to make xmlHttpRequest calls to ums from my chrome browser. I had issues at first because the 'chrome browser' specifically, requires CORS implementation from the server to make calls to other domains as infidel stated. I actually got around this by using a chrome extension called Allow-Control-Allow-Origin that listens for responses and fools chrome by appending Access-Control-Allow-Origin to the response. Then I modified that extension into a second extension that I call Allow-Control-Allow-Headers to append Access-Control-Allow-Headers to the POST request responses. Anyway all that info was a little unnecessary but all-together I was able to retrieve and store the responses after fooling chrome. I imagine some of this is along the same lines as what you guys are trying to achieve with the web ui.