pstuifzand
commented
3 years ago Ekster Reader (https://reader.p83.nl/) is a client-side only microsub client. When the CORS headers are set correctly on the Microsub responses it will work as expected. The authentication works as well, but also needs CORS headers on everything. At the moment the "*" value is used in the headers, but could be changed to respond with the right values for explicitly allowed clients.
CORS headers would make it possible to build clients that do not need any server-side code of their own. Authentication would be an issue in this case, so maybe suggesting a way to implement this would be helpful.