
<div dir="ltr">If you have a front end web server then you can let it handle the CORS for you and don&#39;t worry about it in your app, I&#39;ve used the approach in <a href="https://awesometoast.com/cors/">https://awesometoast.com/cors/</a> with success for apache, I&#39;ve heard it&#39;s also pretty straightforward for nginx. This way you avoid a full catalyst request for the preflights.<div><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, 18 Jun 2018 at 18:06 João André Simioni &lt;<a href="mailto:jasimioni@gmail.com">jasimioni@gmail.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>I use the following code to allow all origins:</div><div><br></div><div><div><font face="monospace, monospace">    $c-&gt;response-&gt;header(&#39;Access-Control-Allow-Origin&#39;      =&gt; $c-&gt;req-&gt;header(&#39;origin&#39;));</font></div><div><font face="monospace, monospace">    $c-&gt;response-&gt;header(&#39;Access-Control-Allow-Methods&#39;     =&gt; &#39;GET,POST,OPTIONS&#39;);</font></div><div><font face="monospace, monospace">    $c-&gt;response-&gt;header(&#39;Access-Control-Allow-Headers&#39;     =&gt; &#39;accept,content-type&#39;);</font></div><div><font face="monospace, monospace">    $c-&gt;response-&gt;header(&#39;Access-Control-Allow-Credentials&#39; =&gt; &#39;true&#39;);</font></div><div><font face="monospace, monospace"><br></font></div><div><font face="monospace, monospace">    if ($c-&gt;req-&gt;method eq &#39;OPTIONS&#39;) {</font></div><div><font face="monospace, monospace">        $c-&gt;stash(jsonrpc_output =&gt; { result =&gt; &#39;CORS Workaround&#39; });</font></div><div><font face="monospace, monospace">        return;</font></div><div><font face="monospace, monospace">    }</font></div></div><div><br></div></div><div class="gmail_extra"></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jun 18, 2018 at 3:34 AM, Theo Bot <span dir="ltr">&lt;<a href="mailto:thg.bot@gmail.com" target="_blank">thg.bot@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>David,</div><div><br></div><div>It is routed to the default en routine:</div><div><br></div><div>sub end :ActionClass(&#39;RenderView&#39;) {</div><div>     my($self,$c) = @_;<br></div><div>}<br></div></div><div class="gmail_extra"><br><div class="gmail_quote"><span>On Fri, Jun 15, 2018 at 3:07 PM, David Dorward <span dir="ltr">&lt;<a href="mailto:david@dorward.me.uk" target="_blank">david@dorward.me.uk</a>&gt;</span> wrote:<br></span><div><div class="m_5770333004948931295h5"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span>cOn 15 Jun 2018, at 13:54, Theo Bot wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

Can anybody tell me to to add an &quot;Access-Control-Allow-Origin&quot; in the<br>

header:<br>

<br>

I&#39;ve tried &quot;$c-&gt;response-&gt;header(&#39;Access-Control-Allow-Origin&#39; =&gt; &#39;*&#39;);<br>

</blockquote>

<br></span>

That&#39;s how you do it.<span><br>

<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

But I don&#39;t see it in the response<br>

</blockquote>

<br></span>

Is that line of code actually running for the response?<br>

<br>

Have you put it on the wrong route by mistake?<br>

<br>

Are you putting it on the response for a POST or GET request when the browser is making a preflight OPTIONS request which isn&#39;t being handled by that?<br>

<br>

_______________________________________________<br>

List: <a href="mailto:Catalyst@lists.scsys.co.uk" target="_blank">Catalyst@lists.scsys.co.uk</a><br>

Listinfo: <a href="http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst" rel="noreferrer" target="_blank">http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst</a><br>

Searchable archive: <a href="http://www.mail-archive.com/catalyst@lists.scsys.co.uk/" rel="noreferrer" target="_blank">http://www.mail-archive.com/catalyst@lists.scsys.co.uk/</a><br>

Dev site: <a href="http://dev.catalyst.perl.org/" rel="noreferrer" target="_blank">http://dev.catalyst.perl.org/</a><br>

</blockquote></div></div></div><span class="m_5770333004948931295HOEnZb"><font color="#888888"><br><br clear="all"><br>-- <br><div class="m_5770333004948931295m_-3673931286536310316gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>Met vriendelijke groet,<br><br>Theo Bot<br><br></div></div></div>

</font></span></div>

<br>_______________________________________________<br>

List: <a href="mailto:Catalyst@lists.scsys.co.uk" target="_blank">Catalyst@lists.scsys.co.uk</a><br>

Listinfo: <a href="http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst" rel="noreferrer" target="_blank">http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst</a><br>

Searchable archive: <a href="http://www.mail-archive.com/catalyst@lists.scsys.co.uk/" rel="noreferrer" target="_blank">http://www.mail-archive.com/catalyst@lists.scsys.co.uk/</a><br>

Dev site: <a href="http://dev.catalyst.perl.org/" rel="noreferrer" target="_blank">http://dev.catalyst.perl.org/</a><br>

<br></blockquote></div><br><br clear="all"><div><br></div></div><div class="gmail_extra">-- <br><div class="m_5770333004948931295gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">João André Simioni<br><a href="mailto:jasimioni@gmail.com" target="_blank">jasimioni@gmail.com</a></div></div>

</div>

_______________________________________________<br>

List: <a href="mailto:Catalyst@lists.scsys.co.uk" target="_blank">Catalyst@lists.scsys.co.uk</a><br>

Listinfo: <a href="http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst" rel="noreferrer" target="_blank">http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst</a><br>

Searchable archive: <a href="http://www.mail-archive.com/catalyst@lists.scsys.co.uk/" rel="noreferrer" target="_blank">http://www.mail-archive.com/catalyst@lists.scsys.co.uk/</a><br>

Dev site: <a href="http://dev.catalyst.perl.org/" rel="noreferrer" target="_blank">http://dev.catalyst.perl.org/</a><br>

</blockquote></div>