broker cross-Origin, OPTIONS method not allowed

[j-forster]

The broker works very well with curl or in the browser (http://broker.waziup.io), but fetching data from other domains (that are limited to cross-origin security) fails.

For example: My WebApp, which is using the waziup broker, requests (http://broker.waziup.io) using fetch, must schedule an OPTIONS request first, before the main GET request. However, the OPTIONS request fails: Request Headers:

OPTIONS /v2/entities HTTP/1.1
Access-Control-Request-Headers: fiware-service,fiware-servicepath
Access-Control-Request-Method: GET
Origin: http://my-domain.com

Response Headers:

HTTP/1.1 405 Method Not Allowed
Allow: POST, GET

The dashboard avoids this conflict using orion.waziup.io.

So should i use orion.waziup.io in general, or are you going to implement the cross-origin functionality for broker.waziup.io? (Or is using the broker with other WebApp not intended?) Thanks in advance!

[cdupont]

Hi Johann, good call. You're right, Orion doesn't support CORS: https://github.com/telefonicaid/fiware-orion/issues/501 So in Waziup we added a proxy that adds the CORS responses: https://github.com/Waziup/Platform/blob/master/identity/identityproxy.conf#L11 This is documented here: http://www.waziup.io/documentation/api/api-reference/

So yes, you can use http://orion.waziup.io/v1/data/entities from a WebApp.

[cdupont]

@j-forster is it resolved?

[j-forster]

Yes, thanks for your answer.