calaldees / KaraKara

Karaoke Event System - Attendees can view and queue tracks from their mobile phones
https://karakara.uk
GNU General Public License v3.0

Figure out CORS #128

Closed shish closed 1 year ago

shish commented 1 year ago

Running the clients locally with the server remotely is tricky because of CORS - it mostly works, but the session ID cookie isn't saved.

The HTTP fetch() API has an option for {credentials: "include"}, which should allow sending and receiving cookies when talking to remote domains, but it requires the server to confirm "this client domain (e.g. 'localhost') is allowed to talk to me", and the wildcard for "allow all clients to talk to me" is forbidden...
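
The server-side behaviour described above (confirm one specific client origin and allow credentials, since the wildcard is rejected), as an added example that is not part of the issue thread or KaraKara's code. The allowlist entries, the port and `demo_app` are assumptions made for illustration.

```python
# ALLOWED_ORIGINS and demo_app are assumptions for this example, not KaraKara code.
ALLOWED_ORIGINS = frozenset({"http://localhost:1234", "http://127.0.0.1:1234"})


def cors_headers(origin, method, allowed=ALLOWED_ORIGINS):
    """Return the CORS headers for one request; only 'Vary' when the origin is denied."""
    if "*" in allowed:
        # Browsers reject 'Access-Control-Allow-Origin: *' on credentialed requests.
        raise ValueError("wildcard origin cannot be combined with credentials")
    headers = [("Vary", "Origin")]  # keep caches from reusing one origin's headers
    if origin not in allowed:  # exact match only: no prefix, suffix or regex matching
        return headers
    headers += [
        ("Access-Control-Allow-Origin", origin),  # echo the single approved origin
        ("Access-Control-Allow-Credentials", "true"),
    ]
    if method == "OPTIONS":  # preflight: state what the real request may use
        headers.append(("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE"))
        headers.append(("Access-Control-Allow-Headers", "Content-Type"))
    return headers


class CredentialedCORS:
    """WSGI middleware that adds the headers above to every response."""

    def __init__(self, app, allowed=ALLOWED_ORIGINS):
        self.app, self.allowed = app, allowed

    def __call__(self, environ, start_response):
        method = environ["REQUEST_METHOD"]
        extra = cors_headers(environ.get("HTTP_ORIGIN"), method, self.allowed)
        if method == "OPTIONS" and "HTTP_ACCESS_CONTROL_REQUEST_METHOD" in environ:
            start_response("204 No Content", extra)  # answer the preflight ourselves
            return [b""]
        return self.app(environ, lambda s, h, e=None: start_response(s, list(h) + extra, e))


def demo_app(environ, start_response):  # constructed stand-in for the real API
    start_response("200 OK", [("Content-Type", "application/json")])
    return [b"{}"]


def probe(origin, method="GET", preflight=False):
    """Run one constructed request through the middleware and return its headers."""
    environ, seen = {"REQUEST_METHOD": method, "HTTP_ORIGIN": origin}, {}
    if preflight:
        environ["HTTP_ACCESS_CONTROL_REQUEST_METHOD"] = "POST"
    CredentialedCORS(demo_app)(environ, lambda s, h, e=None: seen.update(h, status=s))
    return seen
```

For the session cookie itself to be stored from a cross-site response, current browsers also require it to be set with `SameSite=None; Secure`.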

shish commented 1 year ago

Fixed in