eemmzz
commented
7 years ago +1 to this. I've hit an issue where I am not in charge of the client and the client respects CORS. My only workaround is proxying.
Closed scotthelm closed 6 years ago
eemmzz
commented
7 years ago +1 to this. I've hit an issue where I am not in charge of the client and the client respects CORS. My only workaround is proxying.
corincerami
commented
7 years ago I am definitely open to adding CORS support and I think it would be a great idea. I don't have a ton of free time right to work on it, but if someone wants to open a pull request I'd be happy to review and merge it.
corincerami
commented
7 years ago So I looked into this tonight, and it looks like I added CORS support a couple of years ago in this commit. I'm not sure what it is I'm missing.
qwazwsx
commented
6 years ago the api hosted at https://api.nasa.gov/ doesn't have CORS enabled but the https://mars-photos.herokuapp.com one does
so instead of using
https://api.nasa.gov/mars-photos/api/v1/rovers/curiosity/photos?sol=1000&api_key=DEMO_KEY
use
https://mars-photos.herokuapp.com/api/v1/rovers/curiosity/photos?sol=1000
it has CORS so you can load it from any domain and you don't need an api key
corincerami
commented
6 years ago Thanks for the info. I actually didn't realize that. Unfortunately I don't have much control over what NASA does with their site, but the api.nasa.gov version is just reverse proxied to the mars-photos.herokuapp.com version, so feel free to use whichever serves your purposes.
Are you open to adding CORS support? It would make dealing with the API directly with JavaScript possible. I think this could be accomplished relatively painlessly via the rack-cors gem. I have also found this comment to be very helpful for doing the configuration.
Thanks!