slopjong
commented
10 years ago Here's the list with spaces that don't respect the acao header: http://pastebin.com/raw.php?i=7DtVuFgN
Open eastein opened 10 years ago
slopjong
commented
10 years ago Here's the list with spaces that don't respect the acao header: http://pastebin.com/raw.php?i=7DtVuFgN
brimstone
commented
10 years ago I think that apps should be able to function without the directory, keeping the spaceapi as distributed as possible. I think that proper CORS headers should be required for 0.14. I think it would be nice to continue to cache the endpoints as we currently do, and provide a ?cached=true option of some sort to the directory for apps that don't required live data or are OK with a third party caching the endpoints.
https://github.com/SpaceApi/validation-plugins/blob/master/headers-hosting-consideration.php is the warnings code as is
see issue #36 for history background.
We need to have some way of dealing with the fact that lack of CORS header makes it totally unusable for a js web application to try to hit the spaces directly. As much as we would rather everyone fixed their end point, it would be nice to fix the issue from the API central point. We could make it be in 10 minute cache or even an hour, so as to penalize the spaces for failing to comply.