[Catalyst] Access-Control-Allow-Origin
Scott Thomson
smoothhound at gmail.com
Tue Jun 19 08:43:52 GMT 2018
If you have a front end web server then you can let it handle the CORS for
you and don't worry about it in your app, I've used the approach in
https://awesometoast.com/cors/ with success for apache, I've heard it's
also pretty straightforward for nginx. This way you avoid a full catalyst
request for the preflights.
On Mon, 18 Jun 2018 at 18:06 João André Simioni <jasimioni at gmail.com> wrote:
> I use the following code to allow all origins:
>
> $c->response->header('Access-Control-Allow-Origin' =>
> $c->req->header('origin'));
> $c->response->header('Access-Control-Allow-Methods' =>
> 'GET,POST,OPTIONS');
> $c->response->header('Access-Control-Allow-Headers' =>
> 'accept,content-type');
> $c->response->header('Access-Control-Allow-Credentials' => 'true');
>
> if ($c->req->method eq 'OPTIONS') {
> $c->stash(jsonrpc_output => { result => 'CORS Workaround' });
> return;
> }
>
>
> On Mon, Jun 18, 2018 at 3:34 AM, Theo Bot <thg.bot at gmail.com> wrote:
>
>> David,
>>
>> It is routed to the default en routine:
>>
>> sub end :ActionClass('RenderView') {
>> my($self,$c) = @_;
>> }
>>
>> On Fri, Jun 15, 2018 at 3:07 PM, David Dorward <david at dorward.me.uk>
>> wrote:
>>
>>> cOn 15 Jun 2018, at 13:54, Theo Bot wrote:
>>>
>>>> Can anybody tell me to to add an "Access-Control-Allow-Origin" in the
>>>> header:
>>>>
>>>> I've tried "$c->response->header('Access-Control-Allow-Origin' => '*');
>>>>
>>>
>>> That's how you do it.
>>>
>>> But I don't see it in the response
>>>>
>>>
>>> Is that line of code actually running for the response?
>>>
>>> Have you put it on the wrong route by mistake?
>>>
>>> Are you putting it on the response for a POST or GET request when the
>>> browser is making a preflight OPTIONS request which isn't being handled by
>>> that?
>>>
>>> _______________________________________________
>>> List: Catalyst at lists.scsys.co.uk
>>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>>> Searchable archive:
>>> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
>>> Dev site: http://dev.catalyst.perl.org/
>>>
>>
>>
>>
>> --
>> Met vriendelijke groet,
>>
>> Theo Bot
>>
>>
>> _______________________________________________
>> List: Catalyst at lists.scsys.co.uk
>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>> Searchable archive:
>> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
>> Dev site: http://dev.catalyst.perl.org/
>>
>>
>
>
> --
> João André Simioni
> jasimioni at gmail.com
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.scsys.co.uk/pipermail/catalyst/attachments/20180619/60a94783/attachment.htm>
More information about the Catalyst
mailing list