Open Spindel opened 5 years ago
We should be permissive about CORS for our GET-able resources (root.crt et-al)
Suggest that we add Access-Control-Allow-Origin: * to root.crt view.
Access-Control-Allow-Origin: *
root.crt
For details, see: https://fetch.spec.whatwg.org/#http-cors-protocol
Further use could be done by permitting CORS GET requests on downloading fresh certificates, and maybe POST, but that should be a separate issue.
Originally @niligulmohar comment from the Grafana plugin.
We should be permissive about CORS for our GET-able resources (root.crt et-al)
Suggest that we add
Access-Control-Allow-Origin: *toroot.crtview.For details, see: https://fetch.spec.whatwg.org/#http-cors-protocol
Further use could be done by permitting CORS GET requests on downloading fresh certificates, and maybe POST, but that should be a separate issue.
Originally @niligulmohar comment from the Grafana plugin.