Closed dariobanfi closed 6 years ago
Ah I understand... Any plan on how to solve this? Maybe with a proxy in webpack-dev-server? To be honest though, this doesn't seem such a severe security risk that justifies not having a working HMR.
Especially since on a development environment the IPs are not normally reachable and if they were, leaking the "compiled source code" would be the last of the problems. Maybe it's worth writing a comment about it.
But correct me if I'm wrong or I am underestimating the risk.
Hi @dariobanfi sorry for the late reply.
I looked into this. If you change your URL to http://0.0.0.0:1337
then it will work. We need to work out a better way of setting the host part in the webpack dev server configuration.
Closing in favour of #506
Currently hot reloading of changes is not working because of Access-Control-Allow-Origin header. The issue, together with the proposed resolution, is described here.
This may also fix this issue: https://github.com/ctrlplusb/react-universally/issues/421
This change fixes the problem, however I'm not sure if there are some unwanted side effects with this. I'd imagine a
Access-Control-Allow-Origin *
should not be a problem for the dev server.