Implement CORS
Implement CORS
There are some clients that will not connect to a server that does not implement CORS. Implementation is actually really simple. It only requires that when a client sends a request to UMS you would need to return a couple more response headers. Namely Access-Control-Allow-Origin and Access-Control-Allow-Headers. It should be a simple change and will open up quite a few new avenues of development. I'm sure the Web-based client that has been in development would benefit greatly from this as well.
Re: Implement CORS
Can you provide any reference documentation?
Please remember to Upload your debug logs!
Universal Media Server Wiki!
"...functionality before beautification..."
-
Tiago Costa
- Posts: 12
- Joined: Mon Apr 28, 2014 5:35 pm
Re: Implement CORS
Basically you just add the headers Einzeln cited in each Web Player response (I'm assuming this occurs only with Web Player). More information in this Wikipedia article:
http://en.wikipedia.org/wiki/Cross-orig ... ce_sharing
http://en.wikipedia.org/wiki/Cross-orig ... ce_sharing
-
SharkHunter
- Developer
- Posts: 648
- Joined: Fri Jun 01, 2012 9:36 pm
Re: Implement CORS
Which types of clients? Only WEB clients or even UPNP/DLNA once?
We reject: kings, presidents and voting.
We believe in: rough consensus and running code.
We believe in: rough consensus and running code.
Re: Implement CORS
Unrelated to this particular question, but 'Access-Control-Allow-Origin="*"' is already sent by the push handler in the upnp branch so the player can communicate with UMS from other domains. I'm also curious to know specifics of 'some clients'.
-
SharkHunter
- Developer
- Posts: 648
- Joined: Fri Jun 01, 2012 9:36 pm
Re: Implement CORS
That's why I askedinfidel wrote:Unrelated to this particular question, but 'Access-Control-Allow-Origin="*"' is already sent by the push handler in the upnp branch so the player can communicate with UMS from other domains. I'm also curious to know specifics of 'some clients'.
We reject: kings, presidents and voting.
We believe in: rough consensus and running code.
We believe in: rough consensus and running code.
Re: Implement CORS
Well, I actually can't speak to just how many clients might require CORS, but my specific situation was that I was fiddling with javascript in an html page I wrote to make xmlHttpRequest calls to ums from my chrome browser. I had issues at first because the 'chrome browser' specifically, requires CORS implementation from the server to make calls to other domains as infidel stated. I actually got around this by using a chrome extension called Allow-Control-Allow-Origin that listens for responses and fools chrome by appending Access-Control-Allow-Origin to the response. Then I modified that extension into a second extension that I call Allow-Control-Allow-Headers to append Access-Control-Allow-Headers to the POST request responses. Anyway all that info was a little unnecessary but all-together I was able to retrieve and store the responses after fooling chrome. I imagine some of this is along the same lines as what you guys are trying to achieve with the web ui.