dpwiessner
commented
1 week ago Could be solved using CORS Middleware:
Don't use AllowAllOrigins; put restrictions to the urls we need.
As an idea:
Import: "github.com/gin-contrib/cors"
And add this to NewIngesterServer
// This is how you set up a basic gin router
r := gin.Default()
r.Use(cors.New(cors.Config{
**AllowAllOrigins: true,**
AllowMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
AllowHeaders: []string{"Origin", "Content-Type", "Accept"},
}))
The ingestor must be accessible from the PSI URL (*.psi.ch). For development purposes, it would also be good to release localhost or 127.0.01 addresses.
Currently, all requests from a different address are blocked by the CORS policy.