Closed crotwell closed 2 months ago
Dear @crotwell ,
thanks for pointing that out. We are aware of this issue (see also https://github.com/GeoNet/help/issues/115) and we have been discussing internally on the implications of enabling CORS headers on our FDSN services, and potential impact on the service performance if we do so.
With current constraints on GeoNet programme and already planned developments we won't be able to implement such a service in the short term. This is a good suggestion, and we can revisit this in the future if the opportunity arise.
I have a suite of test cases for FDSN web services here: http://www.seis.sc.edu/fdsnServiceCheck/serviceCheck.html
If you run the tests on GeoNet you will see that all fail, due to the CORS. Web browsers prevent connections to sites that were not the original download if that server doesn't include a CORS header. I think this style of allowing other web pages access to your seismic data is very useful and so would encourage enabling this.
Basicly this header should be added to all responses: Access-Control-Allow-Origin: *
More information on CORS can be found here:
https://en.wikipedia.org/wiki/Cross-origin_resource_sharing https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
And thanks for registering your web services with the FDSN, #136