Open paganellif opened 4 months ago
just a thought: in DITA R2D2BC web reader you can disable "credentials" in the http requester / fetch client options. Typically that is what forces the removal of asterisk / catch-all CORS allow origin. But perhaps you in fact need "credentials" so indeed you would need to modify the streamer config.
I've made and tested these changes to src/http/server.ts
and it works:
disableCORS?: boolean
to IServerOptions
Server
constructor
this.disableCORS = options && options.disableCORS ? options.disableCORS : false
setResponseCORS
to conditionally set CORSIf you agree with these changes, I already have a pull request that could be merged. If the pull request is approved, when do you plan to release the new version? because I really need this change.
I need this feature to deploy the streamer as a service behind an API gateway that already checks and sets CORS headers.
Without this feature, I'm not able to use the server APIs because there is more than one origin in the
Access-Control-Allow-Origin
and this is not allowed.